The How-To of Automation


Ryan Mathus
April 6, 2021


Automation has grown over the last decade to strengthen security protocols, shorten remediation timeframes, and speed up breach detection. Whenever there is any possibility of a breach, time is absolutely critical: a few seconds to a few minutes can be the difference between information being compromised or not. How do we stay ahead of all the information within the industry? At Softrams, we built a platform codenamed Eagle that helps manage the software supply chain and enables continuous compliance and security monitoring, relying on the open-source tool ecosystem. Let’s focus on one of the many components aiding in information automation.

Diagram to show types of malware and their impact

For those of us in the security world, we know external threats are always present, evolving, and becoming increasingly sophisticated. It seems a new major threat emerges every week that could potentially affect multiple systems in use. Most of us, including the Security Team at Softrams, rely on the US-CERT bulletins published weekly to help determine the threat landscape. Like all businesses across the globe, we depend on the supply chain for vendor-supplied updates to products.

One of the biggest constraints of parsing the US-CERT bulletin was how time-consuming and tedious it was. We had to go through the bulletin, create relevant tickets for software in our ecosystem, and then address those tickets to patch the affected systems. We set out to automate a portion of this process to improve our efficiency. This post provides a brief overview of that automation. We should also note that the time saved by introducing automation into the workflow can lead to further improvements in the overall framework.

The Language 

First, we had to decide on a language for the application. Since Softrams aims to be agile, nimble, and serverless, we hypothesized that Python would be a powerful choice to run within AWS Lambda. Next, we set out to parse the US-CERT bulletin. The bulletins are released every Monday at a URL of the same format, /sbYY-DDD (where YY is the two-digit year and DDD is the day of the year). Fetching the data and placing it into a data frame was the logical choice, then parsing each data frame according to the high, medium, and low vulnerability sections.
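The two steps described above, building the week's sbYY-DDD URL and splitting the bulletin into high, medium and low records, as an added example that is not the Softrams code. It uses only the standard library (an HTMLParser instead of a data frame) so it runs offline; the base path BULLETIN_BASE, the sample bulletin HTML and the CVE-0000-xxxxx identifiers are constructed placeholders, since the post documents only the sbYY-DDD suffix.

```python
"""Build the weekly US-CERT bulletin URL and parse its tables into records keyed by severity."""
import datetime as dt
import re
from html.parser import HTMLParser

# Assumption: the post documents only the "sbYY-DDD" suffix; this base path is a placeholder.
BULLETIN_BASE = "https://example.invalid/ncas/bulletins/"
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")


def bulletin_url(day):
    """Bulletins appear on Mondays: map any date to that week's Monday, then format sbYY-DDD."""
    if isinstance(day, str):
        day = dt.date.fromisoformat(day)
    monday = day - dt.timedelta(days=day.weekday())
    return f"{BULLETIN_BASE}sb{monday:%y}-{monday:%j}"  # %j is the zero-padded day of year


class BulletinParser(HTMLParser):
    """Collect <td> rows that sit under the High / Medium / Low Vulnerabilities headings."""

    SEVERITIES = ("high", "medium", "low")

    def __init__(self):
        super().__init__()
        self.severity = None   # section heading currently in force (None outside the three sections)
        self.heading = None    # text buffer while inside <h2>/<h3>
        self.cell = None       # text buffer while inside <td>
        self.row = []
        self.records = []

    def handle_starttag(self, tag, attrs):
        if tag in ("h2", "h3"):
            self.heading = []
        elif tag == "tr":
            self.row = []
        elif tag == "td":
            self.cell = []

    def handle_data(self, data):
        if self.heading is not None:
            self.heading.append(data)
        elif self.cell is not None:
            self.cell.append(data)

    def handle_endtag(self, tag):
        if tag in ("h2", "h3"):
            text = "".join(self.heading).strip().lower()
            self.heading = None
            self.severity = next((s for s in self.SEVERITIES if text.startswith(s)), None)
        elif tag == "td":
            self.row.append(" ".join("".join(self.cell).split()))
            self.cell = None
        elif tag == "tr" and self.severity and len(self.row) >= 4:
            # Columns: Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info
            vendor_product, description, published, cvss = self.row[:4]
            source = self.row[4] if len(self.row) > 4 else ""
            try:
                score = float(cvss)
            except ValueError:
                score = None  # defensive: a non-numeric score cell should not abort the whole run
            self.records.append({
                "severity": self.severity,
                "vendor_product": vendor_product,
                "description": description,
                "published": published,
                "cvss": score,
                "cves": sorted(set(CVE_RE.findall(description + " " + source))),
            })


def parse_bulletin(html):
    parser = BulletinParser()
    parser.feed(html)
    parser.close()
    return parser.records


def by_severity(records):
    """Group records the way the post's data frames were split: high, medium, low."""
    groups = {"high": [], "medium": [], "low": []}
    for rec in records:
        groups[rec["severity"]].append(rec)
    return groups


# Constructed sample mirroring the bulletin layout; vendors, products and CVE ids are placeholders.
SAMPLE_BULLETIN = """
<h2>High Vulnerabilities</h2>
<table>
<tr><th>Primary Vendor -- Product</th><th>Description</th><th>Published</th><th>CVSS Score</th><th>Source &amp; Patch Info</th></tr>
<tr><td>examplecorp -- widgetd</td><td>Placeholder buffer overflow in widgetd.</td><td>2021-04-05</td><td>9.8</td><td>CVE-0000-00001</td></tr>
<tr><td>examplecorp -- widget_ui</td><td>Placeholder cross-site scripting issue.</td><td>2021-04-05</td><td>7.5</td><td>CVE-0000-00002</td></tr>
</table>
<h2>Medium Vulnerabilities</h2>
<table>
<tr><td>othervendor -- libfoo</td><td>Placeholder denial of service.</td><td>2021-04-04</td><td>5.3</td><td>CVE-0000-00003</td></tr>
</table>
<h2>Low Vulnerabilities</h2>
<table>
<tr><td>othervendor -- libfoo</td><td>Placeholder information disclosure.</td><td>2021-04-04</td><td>2.1</td><td>CVE-0000-00004</td></tr>
</table>
"""

if __name__ == "__main__":
    print(bulletin_url("2021-04-07"))
    for sev, recs in by_severity(parse_bulletin(SAMPLE_BULLETIN)).items():
        print(sev, [(r["vendor_product"], r["cvss"], r["cves"]) for r in recs])
```

Resolving any date to its Monday matters because the Lambda runs in the evening, after the bulletin is out, and a retry on Tuesday should still pick up the same week's issue rather than compute a non-existent sbYY-DDD.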

The Code and Ticket Creation 

Next, we know what software is in our environment. An array of the relevant software was created and used to query against the data frame. Since Softrams teams follow the agile process of ticket creation, an Epic must be made first, followed by a Story, followed by any Subtasks. The ideal data within the Epic is a link to the US-CERT bulletin. The data within a Story is the first instance of the software found, with later instances as Subtasks under that Story so the ticket board does not become cluttered. Each ticket contains the summary of the issue, a link to the CVE, and the priority and due date (based on the CVE's score and our internal process for resolving issues).
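The inventory query and the Epic / Story / Subtask shaping from the paragraph above, as an added example rather than the Softrams code. The records are constructed inline in the shape a bulletin parser would emit (placeholder CVE ids), the TRIAGE thresholds are an assumed mapping from CVSS score to priority and due date standing in for the internal process the post mentions, and the NVD link format is an assumption about which CVE page the ticket should point at.

```python
"""Match bulletin rows against our software inventory and shape them as Epic / Story / Subtask tickets."""
import datetime as dt
import json

# Hypothetical triage table: CVSS floor -> (priority label, days until due).
# The post derives priority and due date from the score plus an internal process;
# these thresholds are an assumption, not Softrams' actual SLA.
TRIAGE = [
    (9.0, "Highest", 7),
    (7.0, "High", 14),
    (4.0, "Medium", 30),
    (0.0, "Low", 90),
]


def triage(score):
    """Return (priority, due_days); rows without a numeric score default to Medium so they are not lost."""
    if score is None:
        return "Medium", 30
    for floor, priority, days in TRIAGE:
        if score >= floor:
            return priority, days
    return "Low", 90


def product_of(vendor_product):
    """'examplecorp -- widgetd' -> 'widgetd'; bulletin rows separate vendor and product with ' -- '."""
    return vendor_product.split("--")[-1].strip().lower()


def build_ticket_tree(bulletin_url, records, inventory, issued):
    """One Epic per bulletin; first hit on a product becomes its Story, later hits become Subtasks."""
    if isinstance(issued, str):
        issued = dt.date.fromisoformat(issued)
    wanted = {name.lower() for name in inventory}  # the "array of relevant software"
    epic = {"type": "Epic", "summary": f"US-CERT bulletin {bulletin_url}", "link": bulletin_url, "stories": []}
    story_for = {}
    for rec in records:  # bulletin order: high, medium, low, so the Story carries the worst hit
        product = product_of(rec["vendor_product"])
        if product not in wanted:
            continue
        priority, due_days = triage(rec["cvss"])
        ticket = {
            "summary": f"{rec['vendor_product']}: {rec['description'][:80]}",
            "cve_links": [f"https://nvd.nist.gov/vuln/detail/{cve}" for cve in rec["cves"]],
            "priority": priority,
            "due": (issued + dt.timedelta(days=due_days)).isoformat(),
        }
        if product in story_for:
            ticket["type"] = "Subtask"
            story_for[product]["subtasks"].append(ticket)
        else:
            ticket["type"] = "Story"
            ticket["subtasks"] = []
            story_for[product] = ticket
            epic["stories"].append(ticket)
    return epic


# Constructed records in the shape a bulletin parser would produce; CVE ids are placeholders.
SAMPLE_RECORDS = [
    {"severity": "high", "vendor_product": "examplecorp -- widgetd",
     "description": "Placeholder buffer overflow in widgetd.", "cvss": 9.8, "cves": ["CVE-0000-00001"]},
    {"severity": "high", "vendor_product": "examplecorp -- widget_ui",
     "description": "Placeholder cross-site scripting issue.", "cvss": 7.5, "cves": ["CVE-0000-00002"]},
    {"severity": "medium", "vendor_product": "othervendor -- libfoo",
     "description": "Placeholder denial of service.", "cvss": 5.3, "cves": ["CVE-0000-00003"]},
    {"severity": "low", "vendor_product": "othervendor -- libfoo",
     "description": "Placeholder information disclosure.", "cvss": 2.1, "cves": ["CVE-0000-00004"]},
]
INVENTORY = ["widgetd", "libfoo"]  # constructed inventory; widget_ui is deliberately absent

if __name__ == "__main__":
    tree = build_ticket_tree("https://example.invalid/ncas/bulletins/sb21-095", SAMPLE_RECORDS, INVENTORY, "2021-04-05")
    print(json.dumps(tree, indent=2))
```

Matching on the exact product token rather than a substring is deliberate: a substring match on "widget" would also pull in widget_ui, which is not deployed, and every false positive becomes a ticket someone has to close by hand.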

Lambda 

Once engineers launched the program in AWS Lambda, a trigger was set up to run every Monday evening, obtain the latest US-CERT bulletin, and automatically create the tickets. Automating US-CERT ticket creation has cut our time to remediate issues by approximately 30%.
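A Lambda entry point for the Monday-evening trigger, as an added example and not the Softrams function. It resolves the scheduled event's timestamp to that week's bulletin and refuses to create a ticket for a product/CVE pair it has already ticketed, because EventBridge invokes Lambda asynchronously and a failed run is retried, which would otherwise duplicate tickets. BULLETIN_BASE, the cron expression in the docstring, and the module names bulletin and tickets imported inside handler are assumptions; run() takes its fetch, parse and ticket-creation steps as arguments so it can be exercised offline.

```python
"""AWS Lambda entry point: once a week, fetch that week's bulletin and create each ticket exactly once."""
import datetime as dt
import urllib.request

BULLETIN_BASE = "https://example.invalid/ncas/bulletins/"  # assumption: only sbYY-DDD is documented


def bulletin_url_for(event_time):
    """EventBridge scheduled events carry an ISO-8601 'time'; use the Monday of that week."""
    when = dt.datetime.fromisoformat(event_time.replace("Z", "+00:00"))
    monday = when.date() - dt.timedelta(days=when.weekday())
    return f"{BULLETIN_BASE}sb{monday:%y}-{monday:%j}"


def fetch(url, timeout=10):
    """Plain HTTPS fetch with a timeout so a slow upstream cannot run the function to its limit."""
    with urllib.request.urlopen(url, timeout=timeout) as resp:
        return resp.read().decode("utf-8", "replace")


def run(event, fetch, parse, create_ticket, ticketed):
    """The weekly job. `ticketed` is the set of product|CVE keys already turned into tickets
    (in production this would be loaded from a persistent store; here it is whatever is passed in)."""
    url = bulletin_url_for(event.get("time") or dt.datetime.now(dt.timezone.utc).isoformat())
    created = skipped = 0
    for rec in parse(fetch(url)):
        key = f"{rec['vendor_product']}|{','.join(rec['cves'])}"
        if key in ticketed:
            skipped += 1          # retry or re-run: the ticket already exists, do not clutter the board
            continue
        create_ticket(rec)
        ticketed.add(key)         # only mark as done after the ticket call succeeded
        created += 1
    return {"bulletin": url, "created": created, "skipped": skipped}


def handler(event, context):
    """Lambda handler. Schedule with an EventBridge rule such as cron(0 23 ? * MON *)
    (23:00 UTC every Monday; example expression). The bulletin parser, ticket client and
    seen-key store below are hypothetical module names for the rest of the job."""
    from bulletin import parse_bulletin                     # hypothetical module
    from tickets import create_ticket, load_ticketed_keys   # hypothetical module
    return run(event, fetch, parse_bulletin, create_ticket, load_ticketed_keys())
```

Marking a key as ticketed only after create_ticket returns means a crash mid-run re-creates nothing that already exists and still creates what was missed, which is the property a scheduled job needs before you let it run unattended every week.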

Benefits 

In today’s age, where time is money, automating US-CERT ticket creation has led to significant time savings for our team. It also eliminates the possibility of human error in that step and shows how automating a previously manual task can improve efficiency. It allows us to be truly agile and quickly respond to any detected threats, which leads to a safer, more protected environment for all.
