Automation Strategies

Automation is used all over the world of IT, and it's certainly used within the world of IT security. So what I want to do in this episode is talk about some of the automation strategies we use to secure infrastructure. Now, contrary to what people think, we don't just do automation because we're lazy. Automation provides two big features that we really like. Number one, automation gives us the ability to do something at a very specific time, every time, like clockwork. If you need something done every day, automate it. If you need something done every hour, automate it.

Secondly, automation does something the exact same way every time. So unlike three or four commands that I might type in as a human, we can create automated scripts that will do these things for us, and they'll do it the same way every time. So automation gets it done every time we want it, and automation does it the same way every time. With that in mind, I want to run through some scenarios that you'll be running into. I promise you that you'll run into at least two of these on the Security+ exam.

So let's just go through some of these. The first place I want to talk about where automation is incredibly handy: let's imagine a situation where you have a classroom with 24 computers in it, and at the end of the day, you need to reset all of these systems. At Total Seminars, we use a tool called Ghost. Norton's Ghost has been around forever, and it's a wonderful tool that allows us to take one image and restore it out to all of the individual computers with just a few clicks on one keyboard.

We also see these types of restores done, for example, within Windows itself. In this case, we don't actually use an image per se. We'll go ahead and use installation media. So I guess that would be an image. But what we'll do instead is have a template, and this template is going to have things like: what do you want to name the computer? What different applications do you want to have installed? Those types of things. And then it will take that image and, using a template file, customize that image to do whatever type of image restoration we need to do.

Another big place we see automation is in continuous monitoring of network devices using tools like SNMP. We have applications for this. Here's one: this is Zabbix, which we use here at Total Seminars, and it allows us to monitor all of our many different network devices scattered throughout the office.

Number three would be something as simple as automatic updates of operating systems. I know we don't think about it so much, but Windows Update is a wonderful tool, and it is a complete automation process. And it doesn't really just stop with the OS. Microsoft will update all of its applications. It's also hard to find a system that doesn't do this anymore. Drivers get updated. Individual applications may not use Windows Update, but they use their own update process. Even games today pretty much all get automated major updates.

Next is going to be monitoring hosts for application whitelisting. Now, in other episodes, we talked about the idea of application whitelisting. But a lot of these tools will do continuous monitoring, where they're going to be watching every individual host, monitoring for unauthorized installations and keeping track of inventory. And all of this is done completely automatically.
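The kind of check a whitelisting monitor runs on each host can be sketched as follows. This is an added example, not a tool from the episode; the host names, file names, and inventory format are constructed for illustration.

```python
"""Allowlist audit over host software inventories (all data below is constructed)."""
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed allowlist: approved application name -> SHA-256 of the approved binary.
ALLOWLIST = {
    "browser.exe": sha256_hex(b"browser build 1"),
    "editor.exe": sha256_hex(b"editor build 7"),
}

# Constructed inventory reports, in the shape a host agent might send (assumption).
REPORTS = {
    "lab-pc-01": {"browser.exe": sha256_hex(b"browser build 1"),
                  "editor.exe": sha256_hex(b"editor build 7")},
    "lab-pc-02": {"browser.exe": sha256_hex(b"browser build 1"),
                  "game.exe": sha256_hex(b"game")},
    # Same name as an approved program, different contents.
    "lab-pc-03": {"browser.exe": sha256_hex(b"modified browser")},
}


def audit_host(inventory, allowlist):
    """Return (finding, name) pairs for one host; an empty list means compliant."""
    findings = []
    for name, digest in sorted(inventory.items()):
        if name not in allowlist:
            findings.append(("unauthorized", name))
        elif digest != allowlist[name]:
            # Matching on name alone would miss a replaced or renamed binary.
            findings.append(("hash-mismatch", name))
    for name in sorted(set(allowlist) - set(inventory)):
        findings.append(("missing", name))  # inventory drift
    return findings


def audit_fleet(reports, allowlist):
    """Audit every host and keep only the hosts that have findings."""
    results = {}
    for host in sorted(reports):
        findings = audit_host(reports[host], allowlist)
        if findings:
            results[host] = findings
    return results


if __name__ == "__main__":
    for host, findings in audit_fleet(REPORTS, ALLOWLIST).items():
        print(host, findings)
```

Run on a schedule, a check like this gives both properties described at the start of the episode: it happens every time, and it happens the same way every time.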

Then we have things like application development. Now, I'm no programmer, but we sure do write a lot of code here at Total Seminars, and having automated tools that take care of the application development process really speeds things up. In other episodes, we talked about things like fuzzing, for example, the ability to test for bad inputs into web applications. So a lot of times within application development, we use continuous integration tools that will do things like fuzzing and static testing. All of this is handled automatically during the actual uploading or downloading of code from the developers themselves.

Last is not so much a strategy but more of a "make sure you're aware of the tools." And that is the idea of built-in tools versus shells. So many applications have automated scripting tools built into them that you can take advantage of. But also keep in mind that pretty much every operating system has some type of shell, like, for example, the popular Windows PowerShell, which allows us to generate amazing scripts to do just about anything we want. Keep these different types of automation strategies in mind. I guarantee you'll be seeing one, if not two, of these on the exam.

