Automation - All Articles - CISO Platform2024-03-29T08:49:58Zhttps://www.cisoplatform.com/profiles/blogs/feed/tag/AutomationDon’t boil the ocean. Start with that.https://www.cisoplatform.com/profiles/blogs/don-t-boil-the-ocean-start-with-that2019-08-22T02:00:00.000Z2019-08-22T02:00:00.000ZDrew Brownhttps://www.cisoplatform.com/members/DrewBrown<div><p><em>Don’t boil the ocean. Start with that.</em></p><p>Before I dipped my toes into security I did a stint as an application administrator. I was responsible for managing system and application monitoring. More performance and capacity monitoring than anything but there is a clear overlap in tools that capture logs and generate alerts based on thresholds, e.g. an IBM Tivoli monitoring, HP EMS, or Microsoft SCOM and a SIEM.</p><p>My employer had just one of those tools at the time I started and then management wanted to implement a second, though I cannot explain the why on that decision. I digress.</p><p>I recall specific conversations about the data the tool(s) were gathering. The console was overwhelmingly full with just a few devices being monitored. Rules and response, even rules for response were necessary. I might still have the email from a co-worker who asked if he was to “crawl through the phone to choke a user out if they fat fingered their password again.” At least it was an entertaining time.</p><p>I happened to search for “best practices” and tips for setting up a SIEM, after all the SIEM is an extension of good monitoring. I found 5 and 7 step lists from a few vendors and then from SANS a pretty comprehensive and helpful list. <br /> 1. log all relevant events<br /> 2. define the scope of coverage<br /> 3. define what events constitute a threat<br /> 4. detail what should be done about them in what time frame<br /> 5. document when they occurred and what was done<br /> 6. document where both the events and follow up records can be found<br /> 7. document how long events and tickets are kept</p><p><em><strong>What I’m going to recommend is counter to what the vendors suggested. Both had items either the 3rd for 4th priority, to collect as much data points as possible. I strongly disagree with this at the outset.</strong></em></p><p>The problem with monitoring tools is noise. Too much noise and we stop listening. Too many false positives and the real positives are ignored. Too much noise and critical events are overlooked. Don’t believe me? Look at Target, or <a href="https://www.cisoplatform.com/profiles/blogs/the-legal-case-for-capital-one-aws-security-breach-a-short-synops" target="_blank">Capitol One</a> or any other major breach where the breached entity had some type of monitoring in place:</p><p><br /> 1. Establish Requirements First /Identify Compliance Requirements<br /> 2. Have a Comprehensive Incident Response Plan (IRP) <br /> a.Detail what should be done about them, by whom, and in what time frame<br /> 3. Determine Scope <br /> a.Monitor Access to Critical Resources<br /> b.Defend Your Network Boundaries<br /> 4. Begin with a Pilot Run <br /> a.Collect only what you need NOT: As Much data, as Possible<br /> 5. Review and modify correlation rules<br /> 6. Define what events constitute a threat <br /> a.Know your entity’s risks and appetite for risk<br /> 7. Walk through events manually before automation <br /> a.Align this process with your IRP<br /> 8. Continuously Refine Your SIEM Deployment <br /> a.With success in one event type, move to another event type<br /> b.Leverage synthetic transactions, crawlers and other tools to simulate events and test your workflow</p></div>Automation Mistakes: Avoiding Your Next Failurehttps://www.cisoplatform.com/profiles/blogs/automation-mistakes-avoiding-your-next-failure2021-03-04T05:00:00.000Z2021-03-04T05:00:00.000ZRay Parkerhttps://www.cisoplatform.com/members/RayParker<div><p><span style="font-weight:400;">Quality Assurance processes today thrive on software test automation techniques. Automation has been a revolutionary tool for the testing community simply due to its effectiveness and reliability. Test automation is the practice of utilizing special tools to carry out pre-configured tests automatically. These tests are required to determine the performance, reliability, and functionality of an application. Automation also allows for regression tests to be conducted at much higher speeds and accuracy.</span></p><p><span style="font-weight:400;">Test automation is end-to-end automation of a spread of tests and support functions associated with performing such tests. QA engineers who are well-versed in writing automation scripts usually find it easier to utilize test automation effectively. However, with the emergence of codeless defect tracking automation tools, even non-technical testers can perform a large number of functional and non-functional tests with a touch little bit of training and with greater ease. Successful test automation allows businesses to:</span></p><ul><li style="font-weight:400;"><span style="font-weight:400;">Decrease their time-to-market</span></li><li style="font-weight:400;"><span style="font-weight:400;">Manage and optimize the cost of operations</span></li><li style="font-weight:400;"><span style="font-weight:400;">Increase their ROI</span></li><li style="font-weight:400;"><span style="font-weight:400;">Maintain applications free of bugs and errors</span></li><li style="font-weight:400;"><span style="font-weight:400;">Achieve high levels of customer satisfaction</span></li><li style="font-weight:400;"><span style="font-weight:400;">Roll out frequent and timely updates</span></li></ul><p><span style="font-weight:400;">So while end-to-end test automation can be seen as the one-stop solution for most, why do many businesses struggle to succeed at its proper implementation? Today, we’ll be discussing some of the most common mistakes you can avoid, turning your next automation into a success.</span></p><ol><li style="font-weight:400;"><strong>Too much automation implementation isn’t required</strong><span style="font-weight:400;"><br /> </span> <span style="font-weight:400;">Anything in excess can soon prove to be detrimental to the entire effort. This is why QA technicians need to keep a lighter approach when it comes to <a href="https://techworldtimes.com/top-automation-testing-companies/" target="_blank">test automation</a>. And while the temptation to automate all types of tests may be strong, knowing when to pick your battles is key. Strategize where the implementation is required and only proceed once its requirement is truly needed.</span><span style="font-weight:400;"><br /> <br /> </span></li><li style="font-weight:400;"><strong>Trying to achieve 100% test coverage well before needed</strong><span style="font-weight:400;"><br /> </span> <span style="font-weight:400;">Each test must function independently of the previous and therefore the next. This ensures that the whole testing activity goes unhinged albeit a few of the tests fail to execute on their own. The thought is to preserve the pliability of agile testing.</span><span style="font-weight:400;"><br /> <br /> </span></li><li style="font-weight:400;"><strong>Putting all your eggs in the Single Ever-Expanding Test Case basket</strong><span style="font-weight:400;"><br /> </span> <span style="font-weight:400;">Do not place your bets on one test suit. it's important to remain narrow and focused. The test suit should specialize in testing the functional or non-functional aspect it had been intended for. When using the test automation tool, it's important to thoroughly examine your test suit-supported client requirements. Simply, rushing in to try and align everything into an expanding test suit will complicate the activity.</span><span style="font-weight:400;"><br /> <br /> </span></li><li style="font-weight:400;"><strong>Not being trained on the appropriate tools of use</strong><span style="font-weight:400;"><br /> </span> <span style="font-weight:400;">Utilizing incorrect tools or the proper set of tools without proper training results in failure in your overall test automation execution. To attenuate the time of coaching for your employees, a codeless defect tracking tool (</span><a href="https://www.kualitee.com/defect-management-tool/" target="_blank">product reference )</a> <span style="font-weight:400;">can further simplify the task of getting superior outcomes.</span><span style="font-weight:400;"><br /> <br /> </span></li><li style="font-weight:400;"><strong>Not implementing a DevOps approach to testing workflow</strong><span style="font-weight:400;"><br /> </span> <span style="font-weight:400;">Test Automation and DevOps often go together. it's important to foster a culture of openness between multiple teams and departments. When roles and accountability of various members within the team are clearly outlined in a transparent manner, it becomes easier to unravel complex challenges in a much quicker timeline. This is often crucial to stay at pace with the speed and scale of test automation.</span></li></ol><p><span style="font-weight:400;">To build and maintain a successful and functional application, test automation and its robust implementation is a factor you should consider. By ensuring that your test automation strategy accounts for the right set of tools, coverage over a vast range of environments, and includes detailed test cases, you can guarantee the avoidance of the most common pitfalls occurring today.</span></p></div>