Security Automation 

Orchestrate enterprise security systems


Challenge

How can we integrate IT security teams and the security solutions they use in a fast-paced environment?

Solution

The need to respond to security attacks manually is daunting. With Red Hat® Ansible® Automation Platform you can automate and integrate different security solutions that can investigate and respond to threats across the enterprise in a coordinated, unified way using a curated collection of modules, roles and playbooks.

Coordinate enterprise security systems


Investigation enrichment

Collect logs across firewalls, intrusion detection systems (IDS) and other security systems programmatically, enabling on-demand enrichment of triage activities performed through security information and event management systems (SIEMs).

Threat hunting

Automatically tune the level of logging, create new intrusion detection system (IDS) rules and new firewall policies, facilitating the detection of more threats in less time.

Incident response

Remediate faster by automating actions like blacklisting attacking IP addresses or domains, whitelisting non-threatening traffic or isolating suspicious workloads for further investigation.

Ansible Automation is the common language between security tools

Security encompasses a broad variety of products and services designed to protect individuals and organizations from loss of or damage to their data, applications, IT systems, networks and devices caused by malicious or unintended activities.

Firewalls control what traffic is allowed to traverse from one network to another, protecting line-of-business applications that are exposed to the internet or intranet. Ansible Automation can manipulate policies and log configuration, which speeds up investigation and remediation processes.


Intrusion detection & prevention systems (IDPS) monitor network traffic for suspicious activity, issue alerts and block attacks when a known attack pattern is discovered. Ansible Automation can simplify rule and log management, making security operations more efficient.


Security information and event management (SIEM) systems collect and analyze security events to help detect and respond to threats. Ansible Automation gives users programmatic access to a wide variety of data sources so security analysts can use as much data as possible to assess situations.


Privileged Access Management (PAM) tools monitor and manage privileged accounts and access, provide single sign-on (SSO) and supersede hardcoded passwords for services and applications. Ansible Automation streamlines the rotation and management of privileged credentials to automate the prevention and remediation of high-risk activities.


Endpoint Protection Platforms (EPP) detect, investigate and remediate malicious activities on endpoint devices, the most numerous and vulnerable elements of an IT infrastructure. Ansible Automation enables the integration of EPP tools into larger security processes, providing event-driven detection, quarantining and remediation.


Ansible Automation Platform certified partners

How Red Hat Ansible Automation Platform consolidates security systems

Ansible Automation helps larger enterprises manage the automated aspects of security systems. With access to hundreds of modules that enable users to automate all aspects of IT environments and processes, Ansible can integrate many teams to more completely protect complex security perimeters—helping security teams work more collaboratively.


Ansible Automation lets security teams:

Chain workflows and playbooks for modular reusability

Security teams can configure a sequence of jobs that share inventory, playbooks, or permissions to fully automate investigations or remediations.

Support local directory services and access controls

Pairing user directory services with infrastructure allows security teams to centralize job access and execution, assign operation subsets to specific roles, and share tasks with other groups.

Consolidate and centralize logs

Integration with third-party external log aggregation services helps security teams identify trends, analyze infrastructure events, monitor anomalies, and correlate disparate events.

Integrate external apps using RESTful APIs

Security teams can use Red Hat Ansible Automation Platform to manage other enterprise applications—like security orchestration and automated response (SOAR) solutions.

Red Hat named a leader in infrastructure automation

Forrester Research named Red Hat Ansible Automation Platform a leader in The Forrester Wave™: Infrastructure Automation, Q1, 2023—with the highest score in the strategy category.

Ready to get started?


No matter where you are on your automation journey, Ansible is here to help.

Ansible for Security and Compliance