
Secplicity - Security Simplified

Powered by WatchGuard Technologies

How Can Automation Improve Security?

April 21, 2017 By Teri Radichel

A prior Secplicity blog post explored the potential of cloud security. Automation is one of the most important reasons to move applications to the cloud. By design, third-party cloud platforms can automate manual tasks to deploy, monitor and maintain systems. The AWS Architecting for the Cloud whitepaper explains best practices for cloud applications driven by automation. How can automation improve security?


First of all, manual processes are prone to human error. It is inevitable. An IBM report finds that human error contributes to 95% of all security breaches. Automation reduces human error by having machines execute tasks. Humans have to create the automation, of course, but it can be tested in advance to ensure it will work correctly each time it is executed. Automation takes time to create up front, but saves time and prevents operational errors in the long run. If implemented correctly, automation keeps systems more secure. If built with security in mind, automated systems can include auditing, security checks, separation of duties and rollback capabilities.

Think about the time it takes you to manually deploy a security appliance. You go through a lot of screens and click a bunch of buttons. Then you have to configure the appliance by logging in, clicking more buttons, and entering configuration values. Let’s say something goes wrong with that appliance in production and you need to re-deploy it quickly. Wouldn’t it be nice if you could just run a script and know that resource would deploy correctly because you already tested that script in the past? If you were on vacation, wouldn’t it be nice if you could safely let less knowledgeable staff re-deploy the resource, because you can be certain the script will deploy the security appliance correctly?

If you store versions of your deployment code, you can automatically prevent and correct unwanted changes. Let’s say you deploy an update and something is wrong with the configuration. With an automated system, you can roll back to the prior version and re-deploy the resource to a known good state. The automated deployment system can track who made what changes when. Automated deployment systems can enforce separation of duties, controlling who is allowed to deploy and approve changes to critical systems. Security automation integrated into software deployment systems can trigger automated tests that disallow deployments that do not meet security standards.
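A deployment gate of the kind described above, as an added example that is not code from the original post. The approver list, the admin-port policy and the change records are assumptions constructed for illustration.

```python
import ipaddress

# Constructed policy for this example.
ADMIN_PORTS = {22, 3389}       # ports that must never be open to every address
APPROVERS = {"alice", "bob"}   # hypothetical group allowed to approve changes

def violations(change):
    """Return the reasons a change must not be deployed (empty list means OK)."""
    found = []
    # Separation of duties: an author cannot approve their own change.
    if change["approver"] == change["author"]:
        found.append("author approved own change")
    if change["approver"] not in APPROVERS:
        found.append("approver not authorized")
    # Security standard: no admin port reachable from any address.
    for rule in change["ingress"]:
        net = ipaddress.ip_network(rule["cidr"], strict=False)
        if net.prefixlen == 0 and rule["port"] in ADMIN_PORTS:
            found.append(f"port {rule['port']} open to {rule['cidr']}")
    return found

def deploy(history, change):
    """Gate a change; if it fails, stay on the last known good version."""
    problems = violations(change)
    if problems:
        return history[-1]["version"], problems
    history.append(change)     # audit trail: who changed what, in which version
    return change["version"], []

# Constructed sample data.
HISTORY = [{"version": 1, "author": "carol", "approver": "alice",
            "ingress": [{"port": 443, "cidr": "0.0.0.0/0"}]}]
BAD = {"version": 2, "author": "carol", "approver": "carol",
       "ingress": [{"port": 22, "cidr": "0.0.0.0/0"}]}
GOOD = {"version": 3, "author": "carol", "approver": "bob",
        "ingress": [{"port": 22, "cidr": "10.0.0.0/8"},
                    {"port": 443, "cidr": "0.0.0.0/0"}]}

if __name__ == "__main__":
    print(deploy(HISTORY, BAD))    # rejected, version 1 stays deployed
    print(deploy(HISTORY, GOOD))   # accepted as version 3
```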

Security automation can also help companies respond more quickly to security events and incidents. Instead of manually reviewing common, recurring security events, an automated system can parse logs for the most critical alerts, and then automatically block network ports or shut down systems when these unwanted actions occur. Emails can be sent to end users when suspicious activities occur on their machines, asking them to confirm that the action was legitimate or to call the help desk if it was not. If a change is discovered that is not in compliance with security standards, it can be prevented or automatically reverted to a secure state.
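The log-driven response described above, as an added example that is not code from the original post. The log format, the severity names, the threshold and the sample lines are assumptions constructed for illustration; the function only returns a response plan and leaves the actual blocking and e-mailing to whatever system acts on it.

```python
import re
from collections import Counter

# Assumed log format (constructed for this example):
#   <time> <severity> <event> user=<name> src=<ip> port=<n>
LINE = re.compile(r"^\S+ (\w+) (\w+) user=(\S+) src=(\S+) port=(\d+)$")
THRESHOLD = 3  # assumed: this many critical events from one source triggers a block

# Constructed sample log; the last line is deliberately truncated.
SAMPLE_LOG = """\
2017-04-21T10:00:01Z INFO login_ok user=dana src=10.0.0.5 port=443
2017-04-21T10:00:02Z CRITICAL auth_fail user=root src=203.0.113.9 port=22
2017-04-21T10:00:03Z CRITICAL auth_fail user=root src=203.0.113.9 port=22
2017-04-21T10:00:04Z WARNING new_device user=erin src=198.51.100.7 port=443
2017-04-21T10:00:05Z CRITICAL auth_fail user=root src=203.0.113.9 port=22
2017-04-21T10:00:06Z CRITICAL auth_fail user=admin src=203.0.113.9 port=22
2017-04-21T10:00:07Z CRITICAL
"""

def plan_response(log_text, threshold=THRESHOLD):
    """Turn raw log lines into a response plan: blocks, user notices, parse failures."""
    hits = Counter()
    plan = {"block": [], "notify": [], "unparsed": 0}
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            plan["unparsed"] += 1          # count malformed lines, never drop them silently
            continue
        severity, event, user, src, port = m.groups()
        if severity == "CRITICAL":
            key = (src, int(port))
            hits[key] += 1
            if hits[key] == threshold:     # emit the block once, not on every repeat
                plan["block"].append(key)
        elif severity == "WARNING":
            plan["notify"].append((user, event))  # ask the user if the action was theirs
    return plan

if __name__ == "__main__":
    print(plan_response(SAMPLE_LOG))
```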

Automation at first does not seem easier than manually logging into a server and looking at logs. It will take time to write the software that performs the automation. However, taking the time to automate security will help prevent human error and enable security teams to respond to security events more quickly and more effectively for some organizations. For more detailed information, check out a paper I wrote for SANS on AWS Security Automation. In my next blog post I’ll explain how to deploy resources securely in the cloud. — Teri Radichel (@teriradichel)


Filed Under: Editorial Articles, Featured Tagged With: automate, aws, Breach, Cloud, human error, secure, security automation
