Security Automation with Ansible 2

Automate security-related tasks in a structured, modular fashion using the best open source automation tool available
Preview in Mapt

Security Automation with Ansible 2

Madhu Akula, Akash Mahajan

2 customer reviews
Automate security-related tasks in a structured, modular fashion using the best open source automation tool available

Quick links: > What will you learn?> Table of content> Product reviews

eBook
$5.00
RRP $35.99
Save 86%
Print + eBook
$44.99
RRP $44.99
What do I get with a Mapt Pro subscription?
  • Unlimited access to all Packt’s 5,000+ eBooks and Videos
  • Early Access content, Progress Tracking, and Assessments
  • 1 Free eBook or Video to download and keep every month after trial
What do I get with an eBook?
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with Print & eBook?
  • Get a paperback copy of the book delivered to you
  • Download this book in EPUB, PDF, MOBI formats
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
What do I get with a Video?
  • Download this Video course in MP4 format
  • DRM FREE - read and interact with your content when you want, where you want, and how you want
  • Access this title in the Mapt reader
$5.00
$44.99
RRP $35.99
RRP $44.99
eBook
Print + eBook

Frequently bought together


Security Automation with Ansible 2 Book Cover
Security Automation with Ansible 2
$ 35.99
$ 5.00
Information Security Handbook Book Cover
Information Security Handbook
$ 35.99
$ 5.00
Buy 2 for $10.00
Save $61.98
Add to Cart

Book Details

ISBN 139781788394512
Paperback324 pages

Book Description

Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.

We’ll start by covering various popular modules and writing simple playbooks to showcase those modules. You’ll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you’ll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on.

Moving on, you’ll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we’ll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.

Table of Contents

Chapter 1: Introduction to Ansible Playbooks and Roles
Ansible terms to keep in mind 
Summary
Chapter 2: Ansible Tower, Jenkins, and Other Automation Tools
Scheduling tools to enable the next abstraction of automation
Getting up and running
Security automation use cases
Summary
Chapter 3: Setting Up a Hardened WordPress with Encrypted Automated Backups
CLI for WordPress
Why Ansible for this setup?
A complete WordPress installation step-by-step
Setting up Apache2 web server
Enabling TLS/SSL with Let's Encrypt
What if you don't want to roll your own? The Trellis stack
WordPress on Windows 
Summary
Chapter 4: Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)
Introduction to Elastic Stack
Automated defense?
Summary
Chapter 5: Automating Web Application Security Testing Using OWASP ZAP
Installing OWASP ZAP
Summary
Chapter 6: Vulnerability Scanning with Nessus
Introduction to Nessus
Summary
Chapter 7: Security Hardening for Applications and Networks
Security hardening with benchmarks such as CIS, STIGs, and NIST
Automating security audit checks for networking devices using Ansible
Automation security audit checks for applications using Ansible
Automated patching approaches using Ansible
Summary
Chapter 8: Continuous Security Scanning for Docker Containers
Understanding continuous security concepts
Automating vulnerability assessments of Docker containers using Ansible
Scheduled scans using Ansible Tower for Docker security
Scheduled scans using Ansible Tower for operating systems and kernel security
Scheduled scans for file integrity checks, host-level monitoring using Ansible for various compliance initiatives
Summary
Chapter 9: Automating Lab Setups for Forensics Collection and Malware Analysis
Creating Ansible playbooks for labs for isolated environments
Creating Ansible playbooks for collection and storage with secure backup of forensic artifacts
Summary
Chapter 10: Writing an Ansible Module for Security Testing
Getting started with a hello world Ansible module
Setting up the development environment
Planning and what to keep in mind
OWASP ZAP module
Using Ansible as a Python module 
Summary
Chapter 11: Ansible Security Best Practices, References, and Further Reading
Working with Ansible Vault
Setting up and using Ansible Galaxy 
Ansible controller machine security
Best practices and reference playbook projects
Additional references
Coming soon to Ansible 2.5
Summary

What You Will Learn

  • Use Ansible playbooks, roles, modules, and templating to build generic, testable playbooks
  • Manage Linux and Windows hosts remotely in a repeatable and predictable manner
  • See how to perform security patch management, and security hardening with scheduling and automation
  • Set up AWS Lambda for a serverless automated defense
  • Run continuous security scans against your hosts and automatically fix and harden the gaps
  • Extend Ansible to write your custom modules and use them as part of your already existing security automation programs
  • Perform automation security audit checks for applications using Ansible
  • Manage secrets in Ansible using Ansible Vault

Authors

Table of Contents

Chapter 1: Introduction to Ansible Playbooks and Roles
Ansible terms to keep in mind 
Summary
Chapter 2: Ansible Tower, Jenkins, and Other Automation Tools
Scheduling tools to enable the next abstraction of automation
Getting up and running
Security automation use cases
Summary
Chapter 3: Setting Up a Hardened WordPress with Encrypted Automated Backups
CLI for WordPress
Why Ansible for this setup?
A complete WordPress installation step-by-step
Setting up Apache2 web server
Enabling TLS/SSL with Let's Encrypt
What if you don't want to roll your own? The Trellis stack
WordPress on Windows 
Summary
Chapter 4: Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)
Introduction to Elastic Stack
Automated defense?
Summary
Chapter 5: Automating Web Application Security Testing Using OWASP ZAP
Installing OWASP ZAP
Summary
Chapter 6: Vulnerability Scanning with Nessus
Introduction to Nessus
Summary
Chapter 7: Security Hardening for Applications and Networks
Security hardening with benchmarks such as CIS, STIGs, and NIST
Automating security audit checks for networking devices using Ansible
Automation security audit checks for applications using Ansible
Automated patching approaches using Ansible
Summary
Chapter 8: Continuous Security Scanning for Docker Containers
Understanding continuous security concepts
Automating vulnerability assessments of Docker containers using Ansible
Scheduled scans using Ansible Tower for Docker security
Scheduled scans using Ansible Tower for operating systems and kernel security
Scheduled scans for file integrity checks, host-level monitoring using Ansible for various compliance initiatives
Summary
Chapter 9: Automating Lab Setups for Forensics Collection and Malware Analysis
Creating Ansible playbooks for labs for isolated environments
Creating Ansible playbooks for collection and storage with secure backup of forensic artifacts
Summary
Chapter 10: Writing an Ansible Module for Security Testing
Getting started with a hello world Ansible module
Setting up the development environment
Planning and what to keep in mind
OWASP ZAP module
Using Ansible as a Python module 
Summary
Chapter 11: Ansible Security Best Practices, References, and Further Reading
Working with Ansible Vault
Setting up and using Ansible Galaxy 
Ansible controller machine security
Best practices and reference playbook projects
Additional references
Coming soon to Ansible 2.5
Summary

Book Details

ISBN 139781788394512
Paperback324 pages
Read More
From 2 reviews

Read More Reviews

Recommended for You

Information Security Handbook Book Cover
Information Security Handbook
$ 35.99
$ 5.00
Internet of Things for Architects Book Cover
Internet of Things for Architects
$ 35.99
$ 5.00
Cybersecurity: Attack and Defense Strategies Book Cover
Cybersecurity: Attack and Defense Strategies
$ 31.99
$ 5.00
Ansible 2: Advancements with Security Automation [Video] Book Cover
Ansible 2: Advancements with Security Automation [Video]
$ 124.99
$ 5.00
Getting Started with Ansible 2 Security Automation [Video] Book Cover
Getting Started with Ansible 2 Security Automation [Video]
$ 124.99
$ 5.00
Containerization with Ansible 2 Book Cover
Containerization with Ansible 2
$ 31.99
$ 5.00