Security Automation Simplified

Presented at BSidesSF 2019, March 3, 2019, 2:50 p.m. (30 minutes)

Security automation can look a lot like magic, and many feel a strong temptation to go buy $HOT_SECURITY_ORCHESTRATION_PRODUCT, but it's really not hard to get started automating SecOps with the tools you already have, free and open source tools, and a little bit of code. In this talk I will give a high-level view of how a SecOps or other IT group can use automation to save time and effort. I'll walk through an example, with screenshots and code, of how to automate an ops process. I want to remove the magic from automation and present concrete ways for any ops team to do this. This is not a "no code required!" approach to automation, but it's practical and easy enough to get started.

Presenters:

  • Moses Schwartz - Box
    Moses is a staff security engineer working for the Box security incident response team. He's part software developer and part security researcher, with over 10 years of experience in industry and government. Nothing hurts him more than watching someone do a tedious, manual task that could be automated.
