Security Automation with Ansible 2: Leverage Ansible 2 to automate complex security tasks like application security, network security, and malware analysis

Packt Publishing Ltd
1
Free sample

Automate security-related tasks in a structured, modular fashion using the best open source automation tool availableAbout This Book
  • Leverage the agentless, push-based power of Ansible 2 to automate security tasks
  • Learn to write playbooks that apply security to any part of your system
  • This recipe-based guide will teach you to use Ansible 2 for various use cases such as fraud detection, network security, governance, and more
Who This Book Is For

If you are a system administrator or a DevOps engineer with responsibility for finding loop holes in your system or application, then this book is for you. It's also useful for security consultants looking to automate their infrastructure's security model.

What You Will Learn
  • Use Ansible playbooks, roles, modules, and templating to build generic, testable playbooks
  • Manage Linux and Windows hosts remotely in a repeatable and predictable manner
  • See how to perform security patch management, and security hardening with scheduling and automation
  • Set up AWS Lambda for a serverless automated defense
  • Run continuous security scans against your hosts and automatically fix and harden the gaps
  • Extend Ansible to write your custom modules and use them as part of your already existing security automation programs
  • Perform automation security audit checks for applications using Ansible
  • Manage secrets in Ansible using Ansible Vault
In Detail

Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.

We'll start by covering various popular modules and writing simple playbooks to showcase those modules. You'll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you'll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on.

Moving on, you'll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we'll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.

Style and approach

This comprehensive guide will teach you to manage Linux and Windows hosts remotely in a repeatable and predictable manner. The book takes an in-depth approach and helps you understand how to set up complicated stacks of software with codified and easy-to-share best practices.

Read more
Collapse

About the author

Madhu Akula is a security ninja and security and devops researcher with extensive experience in the industry, ranging from client-facing assignments building scalable and secure infrastructure, to publishing industry-leading research to running training sessions for companies and governments alike. Madhu's research papers are frequently selected for major security industry conferences including Defcon 24, All Day DevOps (2016, 2017), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n, Serverless Summit ToorCon, DefCamp, SkydogCon, NolaCon, and null, and more. Madhu was a keynote speaker for the National Cyber Security conference at Dayananda Sagar College in February 2016. When he's not working with Appsecco's clients or speaking at events, he's actively involved in researching vulnerabilities in open source products/platforms such as WordPress, Ntop, and Opendocman. He's also a contributing bug hunter with Code Vigilant (a project to secure open source software). His research has identified many vulnerabilities in over 200 organizations including the U.S. Department of Homeland Security, Google, Microsoft, Yahoo, Adobe, LinkedIn, eBay, AT&T, Blackberry, Cisco, Barracuda, and more. He is also an active member of Bugcrowd, Hackerone, Synack, and more. Madhu has trained over 5000 people in information security for companies and organizations including the Indian Navy and the Ministry of e-services in a leading Gulf state.

Akash Mahajan is an accomplished security professional with over a decade's experience in providing specialist application and infrastructure consulting services at the highest levels to companies, governments, and organizations around the world. He has lots of experience in working with clients to provide innovative security insights that truly reflect the commercial and operational needs of the organization, from strategic advice to testing and analysis to incident response and recovery. He is an active participant in the international security community and a conference speaker both individually, as chapter lead of the Bangalore chapter of OWASP the global organization responsible for defining the standards for web application security and as a co-founder of NULL India's largest open security community. Akash runs Appsecco, a company focused on Application Security. He authored the book Burp Suite Essentials published by Packt Publishing in November 2014, which is listed as a reference by the creators of Burp Suite.

Read more
Collapse
4.0
1 total
Loading…

Additional Information

Publisher
Packt Publishing Ltd
Read more
Collapse
Published on
Dec 13, 2017
Read more
Collapse
Pages
364
Read more
Collapse
ISBN
9781788398725
Read more
Collapse
Read more
Collapse
Read more
Collapse
Language
English
Read more
Collapse
Genres
Computers / Security / General
Computers / Software Development & Engineering / Tools
Computers / System Administration / General
Read more
Collapse
Content protection
This content is DRM free.
Read more
Collapse
Read aloud
Available on Android devices
Read more
Collapse

Reading information

Smartphones and Tablets

Install the Google Play Books app for Android and iPad/iPhone. It syncs automatically with your account and allows you to read online or offline wherever you are.

Laptops and Computers

You can read books purchased on Google Play using your computer's web browser.

eReaders and other devices

To read on e-ink devices like the Sony eReader or Barnes & Noble Nook, you'll need to download a file and transfer it to your device. Please follow the detailed Help center instructions to transfer the files to supported eReaders.
Over 50+ hands-on recipes to help you pen test networks using Python, discover vulnerabilities, and find a recovery pathAbout This BookLearn to detect and avoid various types of attack that put system privacy at riskEnhance your knowledge of wireless application concepts and information gathering through practical recipesLearn a pragmatic way to penetration-test using Python, build efficient code, and save timeWho This Book Is For

If you are a developer with prior knowledge of using Python for penetration testing and if you want an overview of scripting tasks to consider while penetration testing, this book will give you a lot of useful code for your toolkit.

What You Will LearnLearn to configure Python in different environment setups.Find an IP address from a web page using BeautifulSoup and ScrapyDiscover different types of packet sniffing script to sniff network packetsMaster layer-2 and TCP/ IP attacksMaster techniques for exploit development for Windows and LinuxIncorporate various network- and packet-sniffing techniques using Raw sockets and ScrapyIn Detail

Penetration testing is the use of tools and code to attack a system in order to assess its vulnerabilities to external threats. Python allows pen testers to create their own tools. Since Python is a highly valued pen-testing language, there are many native libraries and Python bindings available specifically for pen-testing tasks.

Python Penetration Testing Cookbook begins by teaching you how to extract information from web pages. You will learn how to build an intrusion detection system using network sniffing techniques. Next, you will find out how to scan your networks to ensure performance and quality, and how to carry out wireless pen testing on your network to avoid cyber attacks. After that, we'll discuss the different kinds of network attack. Next, you'll get to grips with designing your own torrent detection program. We'll take you through common vulnerability scenarios and then cover buffer overflow exploitation so you can detect insecure coding. Finally, you'll master PE code injection methods to safeguard your network.

Style and approach

This book takes a recipe-based approach to solving real-world problems in pen testing. It is structured in stages from the initial assessment of a system through exploitation to post-exploitation tests, and provides scripts that can be used or modified for in-depth penetration testing.

"... an engaging book that will empower readers in both large and small software development and engineering organizations to build security into their products. ... Readers are armed with firm solutions for the fight against cyber threats."
—Dr. Dena Haritos Tsamitis. Carnegie Mellon University

"... a must read for security specialists, software developers and software engineers. ... should be part of every security professional’s library."
—Dr. Larry Ponemon, Ponemon Institute

"... the definitive how-to guide for software security professionals. Dr. Ransome, Anmol Misra, and Brook Schoenfield deftly outline the procedures and policies needed to integrate real security into the software development process. ...A must-have for anyone on the front lines of the Cyber War ..."
—Cedric Leighton, Colonel, USAF (Ret.), Cedric Leighton Associates

"Dr. Ransome, Anmol Misra, and Brook Schoenfield give you a magic formula in this book - the methodology and process to build security into the entire software development life cycle so that the software is secured at the source! "
—Eric S. Yuan, Zoom Video Communications

There is much publicity regarding network security, but the real cyber Achilles’ heel is insecure software. Millions of software vulnerabilities create a cyber house of cards, in which we conduct our digital lives. In response, security people build ever more elaborate cyber fortresses to protect this vulnerable software. Despite their efforts, cyber fortifications consistently fail to protect our digital treasures. Why? The security industry has failed to engage fully with the creative, innovative people who write software.

Core Software Security expounds developer-centric software security, a holistic process to engage creativity for security. As long as software is developed by humans, it requires the human element to fix it. Developer-centric security is not only feasible but also cost effective and operationally relevant. The methodology builds security into software development, which lies at the heart of our cyber infrastructure. Whatever development method is employed, software must be secured at the source.

Book Highlights:

Supplies a practitioner's view of the SDL Considers Agile as a security enabler Covers the privacy elements in an SDL Outlines a holistic business-savvy SDL framework that includes people, process, and technology Highlights the key success factors, deliverables, and metrics for each phase of the SDL Examines cost efficiencies, optimized performance, and organizational structure of a developer-centric software security program and PSIRT Includes a chapter by noted security architect Brook Schoenfield who shares his insights and experiences in applying the book’s SDL framework

View the authors' website at http://www.androidinsecurity.com/

Over 100 practical recipes related to network and application security auditing using the powerful NmapAbout This BookLearn through practical recipes how to use Nmap for a wide range of tasks for system administrators and penetration testers.Learn the latest and most useful features of Nmap and the Nmap Scripting Engine.Learn to audit the security of networks, web applications, databases, mail servers, Microsoft Windows servers/workstations and even ICS systems.Learn to develop your own modules for the Nmap Scripting Engine.Become familiar with Lua programming.100% practical tasks, relevant and explained step-by-step with exact commands and optional arguments descriptionWho This Book Is For

The book is for anyone who wants to master Nmap and its scripting engine to perform real life security auditing checks for system administrators and penetration testers. This book is also recommended to anyone looking to learn about network security auditing. Finally, novice Nmap users will also learn a lot from this book as it covers several advanced internal aspects of Nmap and related tools.

What You Will LearnLearn about Nmap and related tools, such as Ncat, Ncrack, Ndiff, Zenmap and the Nmap Scripting EngineMaster basic and advanced techniques to perform port scanning and host discoveryDetect insecure configurations and vulnerabilities in web servers, databases, and mail serversLearn how to detect insecure Microsoft Windows workstations and scan networks using the Active Directory technologyLearn how to safely identify and scan critical ICS/SCADA systemsLearn how to optimize the performance and behavior of your scansLearn about advanced reportingLearn the fundamentals of Lua programmingBecome familiar with the development libraries shipped with the NSEWrite your own Nmap Scripting Engine scriptsIn Detail

This is the second edition of 'Nmap 6: Network Exploration and Security Auditing Cookbook'. A book aimed for anyone who wants to master Nmap and its scripting engine through practical tasks for system administrators and penetration testers. Besides introducing the most powerful features of Nmap and related tools, common security auditing tasks for local and remote networks, web applications, databases, mail servers, Microsoft Windows machines and even ICS SCADA systems are explained step by step with exact commands and argument explanations.

The book starts with the basic usage of Nmap and related tools like Ncat, Ncrack, Ndiff and Zenmap. The Nmap Scripting Engine is thoroughly covered through security checks used commonly in real-life scenarios applied for different types of systems. New chapters for Microsoft Windows and ICS SCADA systems were added and every recipe was revised. This edition reflects the latest updates and hottest additions to the Nmap project to date. The book will also introduce you to Lua programming and NSE script development allowing you to extend further the power of Nmap.

Style and approach

This book consists of practical recipes on network exploration and security auditing techniques, enabling you to get hands-on experience through real life scenarios.

With the advances of technology and the reoccurrence of data leaks, cyber security is a bigger challenge than ever before. Cyber attacks evolve as quickly as the technology itself, and hackers are finding more innovative ways to break security controls to access confidential data and to interrupt services. Hackers reinvent themselves using new technology features as a tool to expose companies and individuals. Therefore, cyber security cannot be reactive but must go a step further by implementing proactive security controls that protect one of the most important assets of every organization: the company's information.

This IBM® Redbooks® publication provides information about implementing IBM QRadar® for Security Intelligence and Event Monitoring (SIEM) and protecting an organization's networks through a sophisticated technology, which permits a proactive security posture. It is divided in to the following major sections to facilitate the integration of QRadar with any network architecture:
Chapter 2, "Before the installation" on page 3 provides a review of important requirements before the installation of the product.

Chapter 3, "Installing IBM QRadar V7.3" on page 57 provides step-by-step procedures to guide you through the installation process.

Chapter 4, "After the installation" on page 77 helps you to configure additional features and perform checks after the product is installed.

QRadar is an IBM Security prime product that is designed to be integrated with corporate network devices to keep a real-time monitoring of security events through a centralized console. Through this book, any network or security administrator can understand the product's features and benefits.

©2020 GoogleSite Terms of ServicePrivacyDevelopersArtistsAbout Google|Location: United StatesLanguage: English (United States)
By purchasing this item, you are transacting with Google Payments and agreeing to the Google Payments Terms of Service and Privacy Notice.