The Situation
Many IT organizations find little synergy between automation and policy compliance tools. The automation system deploys and manages Infrastructure as Code while the policy compliance tools scan hours, days, or weeks after the fact. This time gap increases both the attack surface and duration of systems in a compromised state, creating unthinkable security incidents for IT stakeholders like ransomware attacks. Recently, hackers have found ways to insert compromised code into the automation backplane itself and turn trusted systems into distribution networks for their malware.
The Security as Code Ansible Accelerator is a DevSecOps solution that integrates Red Hat Ansible and Concourse Labs to enable IT teams to create and apply Security-as-Code policies to their Infrastructure as code automation pipelines. This solution has a twofold benefit by preventing malicious Infrastructure as Code configurations from executing in automation pipelines and continuously remediating policy violations in deployed infrastructure.
If your automation and policy compliance tools are disconnected, Security as Code Ansible Accelerator gets you started by deploying a secure automation reference architecture with best of breed Red Hat Ansible and Concourse Labs. The framework enables IT teams to create and insert Security as Code policies into their automation pipelines.
Security as Code Accelerator is a turnkey solution that provides all the software, certified implementation services, and integration templates to integrate Security as Code into an automation backplane as part of a broader DevSecOs strategy, significantly reducing the attack surface for ransomware and providing IT stakeholders assurances that their systems remain compliant.
Security as Code Ansible ACCELERATOR INCLUDES:
Subscriptions for Red Hat Ansible and Concourse Labs
Advisory services to review existing automation and security scanning infrastructure
Identify key places in automation pipelines that are most vulnerable to attack
Identify recurring issues with configuration drift and security policy violations
Install and configure Ansible Controller in a highly available multi-datacenter configuration
Configure Concourse Labs to perform scans of Infrastructure as Code
Integrate Concourse with Ansible to enable scanning and remediation of malicious code before and after it executes
BUSINESS OUTCOMES:
Decrease the risk of a broad based multi system ransomware attack
Increase the security of software supply chain
Ensure in real time that infrastructure is compliant with security policies
CONSULT THE CentOS to RHEL EXPERTS
Schedule an Ask The Expert℠ session with highly knowledgeable experts to learn more about how the Security as Code Ansible Accelerator℠ can benefit your organization.
TELL ME MORE ABOUT STONE DOOR GROUP
We believe “doing” is much more convincing than “talking.” Below are links to some of our most popular blogs and tutorials:
