Summary
Containers are rapidly changing the world of developers and operations teams. The rate of change is accelerating, and in this new world, security automation gets to play a front and center role. By leveraging our knowledge of using Ansible for scripting play-by-play commands along with excellent tools such as Archore and osquery
, we can measure, analyze, and benchmark our containers for security. This allows us to build end-to-end automatic processes of securing, scanning and remediating containers.
In the next chapter, we will look at a specialized use case for security automation. We will look at how can we improve the tasks around malware analysis by automating certain parts of it. We will especially focus on lightweight dynamic analysis workflow integrating Cuckoo sandbox, one of the most popular malware analysis tools out there.