Work Smarter, Not Harder with Security Baseline Configuration Automation

March 26, 2015 by Justin Nemmers

Untitled_designMany security baseline processes are rife with challenges. Whether organizations use scripts to manually brute-force their system-level compliance baseline, or perhaps leverage the all-too-common “Gold Disk” approach, routine security baseline compliance remediation remains largely an unsolved and constant challenge even for the most mature of IT organizations.

Even for organizations that are using an existing management tool to help with their security baselining, issues frequently arise around how to identify systems that require baselining as they come online, and then immediately recognize what needs to be done on those systems in order to verify their compliance.

To add to the challenge, applying a baseline to a newly deployed server or application is one thing, but validating compliance throughout the server and application lifecycle typically requires a separate set of tools or processes, or at very least scripts that are smart enough to smartly change the existing state of a server or application without impacting its availability.

MindPoint Group knew there was a better way. The security folks at MindPoint group are leveraging the power and simplicity of Ansible to bring automation to the problem of security baselines. And thanks to Ansible’s design, the work that MindPoint group has done is as useful for existing systems as it is for new. We’ve collectively started with the DISA STIG for Red Hat Enterprise Linux 6, but will soon be expanding to other baselines such as the CIS benchmark, and other operating systems.

Given MindPoint Group’s expertise in using Automation to repeatedly and securely apply and remediate various security baseline standards, who better than MindPoint Group CEO Matt Shepherd to talk about why automation is the only way to ensure compliance?

Read what Matt has to say.

Share:

Topics:
STIG


 

Justin Nemmers

Justin is the Ansible Product Owner at Ansible by Red Hat. He has spent a career helping organizations transform their IT environments by adopting new, and better making better use of existing technologies. Over his career, he has held both technical, sales, marketing and product leadership roles at a number of organizations, including Red Hat, where he ran a large services team. He resides in Raleigh, NC with his wife and children and tweets from @justnems.


rss-icon  RSS Feed

Ansible Tower by Red Hat
Ansible In-Depth Whitepaper
Ansible Tower by Red Hat
Learn About Ansible Tower