Explore security automation techniques in this 23-minute conference talk from BSidesSF 2019. Learn how to implement cost-effective automation solutions using existing tools, open-source resources, and basic coding skills. Follow along with a step-by-step example, complete with screenshots and code, demonstrating how to automate an operations process. Gain insights into security monitoring, alert creation, automation servers, secret management, webhook implementation, and integration with tools like Splunk, JIRA, and VirusTotal. Discover practical approaches to demystify automation for SecOps and IT teams, along with important considerations and metrics for successful implementation. Conclude with a summary and Q&A session to solidify your understanding of simplified security automation.
Overview
Syllabus
Intro
Security Monitoring
Splunk
Create Alert
Flask
Automation Server
Secret Management
JIRA
Webhooks
Create a Webhook
Automation Server Pie
Automation Server Code
VirusTotal Script
Recap
Automation
Automation Considerations
Automation Metrics
Summary
Questions
Taught by
Security BSides San Francisco
