8
July 2020
Imagine If Security Operations Automation Was Easy
Mark Warren
Security operations are a critical defence mechanism for every business. Often, the Security Operations Center (or SOC) is thought of as the emergency service that gets called after a breach. Obviously, that's a critically important job. But it's far from all they do. Every day, they'll be continually improving the organization's defences to prevent the next attack. Sometimes that might be major projects like network architecture design, but often it's hundreds of small tweaks that are so important. Jobs like keeping devices up to date with the latest software updates, reviewing who has access to what devices and services, or updating firewall rules.
Clearly, all are important, but, for now, let's look at one of those everyday tasks that normally need a highly-qualified administrator because any mistakes could prevent customers and staff from working. Or, worse, leave an open door for attackers. Firewall updates need administrator credentials to make the changes. If the credentials are compromised, you're sending every attacker a copy of the key to your company's valuable systems!
In the past, automating operations like firewall updates hasn't been easy. Shell scripts become islands of knowledge, not visible to other admins and may even contain those valuable administrator credentials.
Privileged Process Automation (PPA) changes everything.
With PPA, simple workflows automate complex tasks without ever exposing admin credentials or allowing users attempt to make any changes they shouldn't. You can see it in action in the video above.
If firewall updates can be safely automated, they can be delegated to help desk engineers. That frees up valuable expert's time. You can also be sure the job is done the right way first time and there's a full audit trail if anyone needs to check that processes are being followed. That's just one example, think of all the other tasks that could be automated.
PPA makes this automation easy and you can easily build new automation workflows using the built-in task builder.
Imagine what you could do with the time saved by security automation.
If you'd like to learn more, please visit osirium.com/ppa.