December 2017
Intermediate to advanced
364 pages
7h 30m
English
Content preview from Security Automation with Ansible 2
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Automation security audit checks for applications using Ansible
Modern applications can get pretty complex fairly quickly. Having the ability to run automation to do security tasks is almost a mandatory requirement.
The different types of application security scanning we can do can range from the following:
- Run CI/CD scanning against the source code (for example, RIPS and brakeman).
- Dependency checking scanners (for example, OWASP dependency checker and snyk.io (https://snyk.io/)).
- Once deployed then run the web application scanner (for example, Nikto, Arachni, and w3af).
- Framework-specific security scanners (for example, WPScan and Droopscan) and many other.