Who is this workshop best for?
The workshop is intended as an introductory course for Ansible Security Automation designed for people who want to learn how Ansible can be leveraged in security environments. The intended audience is technical professionals in automation [part of a cross-functional team or supporting other vertical teams in their company], security operations and vulnerability management.
There is no previous knowledge about Ansible required to access this workshop, though it certainly helps.
This workshop shows, step by step, how you can reach this goal using Ansible to orchestrate three investigation and response activities involving multiple security tools - an enterprise firewall [CheckPoint Next Generation Firewall], an intrusion detection system [Snort] and a SIEM [Splunk Enterprise Security].
|9:00 a.m. - 9:30 a.m.||Welcome and introductions|
|9:30 a.m. - 12:30 p.m.||Labs|
12:30 p.m. - 1:00 p.m.
|1:00 p.m. - 3:30 p.m.||Labs|
|3:30 p.m.||Day ends|