The details of each implementation can vary, but the general approach is to target devices that are either operated by employees or are exposed to public access. The most recent addition to our security automation initiative was announced at AnsibleFest 2020: the extension to support endpoint protection use cases.Įndpoint protection is about the elements in IT that are most vulnerable to the human element of security.
If you want to know more about what is available, have a look at the supported Collections that can be accessed via for more details. The Ansible security automation initiative grew significantly over the last two years, adding more partners and covering additional domains and use cases. A good follow up is our blog post about threat hunting, extending the application of Ansible security automation to multiple teams across the IT department. If you are new to the topic, a good place to start is our investigation enrichment blog. Red Hat Ansible Automation Platform caters to this growing importance of security with Ansible security automation: our answer to the lack of integration across the IT security industry. With so many different layers, automation proved to be effective in helping security operations teams to integrate and share accountability.Īutomated processes and workflows simplify and accelerate shared processes, like investigation & response and, if enabled with a platform with the right characteristics, encourage a more open culture of collaboration. Enterprise security isn’t a homogeneous entity it’s a portfolio of multi-vendor solutions run by disparate and often siloed teams.