Workshop Overview
This workshop will guide you through the basic concepts and show you how to use the Ansible Automation Platform (AAP2) in combination with existing third-party security solutions. Designed for people who want to learn how Ansible can be leveraged in a security environment.
What You Will Learn
AAP2 is a simple, yet powerful IT automation engine for application deployment, configuration management, and orchestration that you can learn quickly. Get started with the Ansible Automation Platform by implementing automation for three security use cases:
- Firewall orchestration
- IDS and SIEM: Investigating suspicious traffic on a web server
- Threat hunting: Analyzing unusual denied accesses
Exercises
Section 1 - AAP2 Security Automation Basics
- Exercise 1.1 - Exploring the lab environment
- Exercise 1.2 - Executing the first Check Point playbook
- Exercise 1.3 - Executing the first Snort playbook
- Exercise 1.4 - Executing the first IBM QRadar playbook
Section 2 - AAP2 Security Use Cases
- Exercise 2.1 - Investigation enrichment
- Exercise 2.2 - Threat hunting
- Exercise 2.3 - Incident response
Prerequisites
This workshop can be completed using a chromium-based web browser.
Please contact marketing@emergent360.com if you should have any questions
