Auto-Nuke It from Orbit: A Framework for Critical Security Control Automation

by Jeremiah Hainly
Sept. 1, 2017 1 comment SANS Institute free and open source software

Over 83% of security teams report that the use of automation in security needs to increase within the next three years (Algosec, 2016). With automation becoming a reality for a growing number of companies, there will also be an increased demand for open-sourced scripts to get started. This paper will provide a framework for prioritizing and developing security automation and will demonstrate this process by creating a script to automate a common information security response procedure - the reimaging of an infected endpoint. The primary function of the script will be to access the application program interface (API) of various enterprise software solutions to speed up the manual tasks involved in performing a reimage.

negrii_irina88 4 months, 3 weeks ago

I lost my time with this article ... very boring and exposed in a tricky language