Craig Brandt

Author Archives: Craig Brandt

Assessing Red Hat Ansible Automation Platform vulnerabilities

What your security scanner isn’t telling you

 

Security, more than ever, needs to move with speed, and we hear much about “shifting security left” and DevSecOps as methods to help achieve this. As this new paradigm gains momentum, so does the reliance on automated security tools to identify and mitigate software vulnerabilities at scale.

But what if these security tools aren’t telling you the full story?

Often, our customers reach out to us saying their security scanners flag Red Hat Ansible Automation Platform as insecure, or that it contains unpatched vulnerabilities. Rest assured, our products are security-hardened and battle-tested. Red Hat's long-standing track record of upstream contributions extends to improving upstream projects' security and contributing to industry standards. The real culprit here is your security scanner!

In this blog, we’ll cover:

Note

Several links in this blog point you to resources in the Red Hat Customer Portal, which requires a user account. You and members of your team can register online or reach out to your Continue reading

DevOps and CI/CD with automation controller

 

DevOps strives to improve service delivery by bringing teams together, streamlining processes, automating tasks and making these available in a self-service manner.

Many organisations don’t realise the full benefits of DevOps for multiple reasons, including unintegrated tools, manual handovers, and lack of a unified automation solution, leading to islands of automation.

 

“If we develop automation and pipelines that aren’t cohesive and don’t interoperate, there’s a lot of risk of chaos.”

Jayne Groll, CEO, DevOps Institute.

 

Red Hat Ansible Automation Platform offers an easy-to-understand automation language, a vast array of IT ecosystem integrations, and enterprise features, such as an API and Role-Based Access Control (RBAC). This blog demonstrates how these capabilities can help accelerate your DevOps practices using simple, practical examples. 

This blog covers:

  • Using Ansible Automation Platform to automate DevOps tooling configurations.
  • Integration of Ansible Automation Platform into existing DevOps environments.
  • Orchestrating DevOps workflows using automation controller.
  • Use controller approvals to allow for final sign-off of services before production deployment.

Note

The examples shared in this blog are based on the “DevOps and CI/CD with automation controller” self-paced lab. Feel free to get hands-on and try it out!

 

Environment overview

Let’s explore the tools Continue reading

What’s new: an introduction to automation mesh

As part of the most recent Ansible Automation Platform 2.1 release announced December 2, 2021, we are excited to debut one of the most long-awaited features of the release: automation mesh

Automation mesh enables you to reliably and consistently automate at scale, across on-premises environments, the hybrid cloud, and to the edge. It delivers flexible design options, from single-site deployments to platform installations spanning the globe, wherever you are in your automation journey.

This blog details the benefits of automation mesh, a high-level overview of how it works, and how it helps you simplify scaling your automation across your enterprise environments. We are planning more detailed technical deep dive blogs with automation mesh use cases in the future, so stay tuned!

Why automation mesh?

Scaling automation across different platforms and locations is challenging. How do you ensure your automation executes consistently while still managing your platform centrally? How do you automate endpoints in remote areas with limited connectivity?

The best practice to overcome these challenges is delivering and running automation closer to the devices that need it. This design limits execution interruptions, which lead to inconsistent states, and possible downtime to IT services.

Enterprises, however, have multiple Continue reading

Red Hat Ansible Automation Platform 2: Migration strategy considerations

Red Hat Ansible Automation Platform 2 introduces an updated architecture, new tools and an improved but familiar experience to automation teams. However, there are multiple considerations for your planning and strategy to migrate your current deployment to Ansible Automation Platform 2.

This document provides guidance to all of the stakeholders responsible for planning and executing an Ansible Automation Platform migration guidance with factors to address in your migration strategy.

This document does not provide a one-size-fits-all approach for migration. Various factors unique to your organization will impact the effort required, stakeholders involved and delivery plan.

What to consider before migrating

We understand that many factors specific to your needs affect your migration assessment and planning. This section highlights critical factors to determine your migration readiness and what approach will best suit your organization.

Assess your current environment

There will be configurations unique to your environment, and it’s crucial to perform a thorough technical assessment. We recommend including the following:

  • Analyze your current Ansible Automation Platform installation, including current deployment patterns, integrations and any complexities relevant to the migration.

  • Determine changes needed in your environment to meet the Ansible Automation Platform 2 technical requirements.

  • Assess stakeholders’ readiness to plan and execute Continue reading

What’s new in Ansible Automation Platform 2: automation controller

AAP 2 dark flying As

Red Hat Ansible Automation Platform 2 is the next generation automation platform from Red Hat’s trusted enterprise technology experts. We are excited to announce that the Ansible Automation Platform 2 release includes automation controller 4.0, the improved and renamed Red Hat Ansible Tower.

Automation controller continues to provide a standardized way to define, operate and delegate automation across the enterprise. It also introduces new, exciting technologies and an enhanced architecture that enables automation teams to scale and deliver automation rapidly to meet ever-growing business demand.

Why was Ansible Tower renamed to automation controller?

As Ansible Automation Platform 2 continues to evolve, certain functionality has been decoupled (and will continue to be decoupled in 2.1) from what was formerly known as Ansible Tower. The naming change better reflects these enhancements and the overall position within the Ansible Automation Platform suite.

Who uses automation controller?

All automation team members interact with or rely on automation controller, either directly or indirectly.

  • Automation creators develop Ansible Playbooks, roles and modules.
  • Automation architects elevate automation across teams to align with IT processes and streamline adoption.
  • Automation operators verify that the automation platform and framework are operational.

These roles are not necessarily dedicated to Continue reading

Getting started with Ansible security automation: Incident Response

Technological advancements are intended to bring more control, agility and velocity to organizations. However, adopting these new technologies and techniques, such as cloud computing and microservices, increases an organization’s security footprint, bringing greater risk of security breaches. 

Cyberattacks potentially expose organizations to financial loss, reputational damage, legal liability, and business continuity risk. As a result, security teams are under increased pressure to help proactively protect organizations against cyberattacks and maintain a more consistent, rapid incident response framework to respond to security breaches. 

In our previous blogs in this series, we explored how Ansible security automation enables security teams to automate and simplify investigation enrichment and threat hunting practices. We also discussed and provided our answer to the lack of integration across the IT security industry.

In this blog post, we’ll have a closer look at incident response and how Ansible security automation empowers security teams to respond effectively to security breaches.

 

What is an incident response, and why is it so difficult?

Incident response is the approach and techniques that security departments implement to neutralize and mitigate cyberattacks, and is a core responsibility of the security team. Recent news headlines are rife with high-profile security breaches and Continue reading