Automation Flashcards
Orchestration
The automation of multiple steps in a deployment process
Orchestration is the automation of the automations
CI/CD (4 Stages)
Continuous Integration/Continuous Deployment 4 Stages:
Development
Testing/Integration
Staging
Production
Continuous Integration
Code is constantly written & merged to central repository
Devs can work seamlessly without stepping on each other’s toes
Helps ensure the app builds correctly & doesn’t introduce new issues
Continuous integration detects and resolves development conflicts early and often
Continuous Delivery
Focuses on automated testing of code in order to get it ready for release
Automate the testing process
Automate the release process
Goes through all tests, requirements, and validations to get ready for staging/deployment
Can involve packaging build into .exe or .iso
Continuous Deployment
Automatically deploy to production
No human integration or manual checks
Could be deployed into cloud environment
Continuous deployment focuses on automated testing and release of code in order to get it into the production environment more quickly
Can deploy everything for staging, and then bring into production
DevOps
An organizational culture shift that combines software development and systems operations by referring to the practice of integrating the two disciplines within a company
Operations and developers can build, test, and release software faster and more reliably
DevSecOps
A combination of software development, security operations, and systems operations by integrating each discipline with the others
DevSecOps utilizes a shift-left mindset
• Integrate security from the beginning
• Test during and after development
• Automate compliance checks
IaC
Infrastructure as Code:
A provisioning architecture in which deployment of resources is performed by scripted automation and orchestration
IaC allows for the use of scripted approaches to provisioning infrastructure in the cloud
Snowflake System:
Any system that is different in its configuration compared to a standard template within an infrastructure as code architecture
Lack of consistency leads to security issues and inefficiencies in support
IaC: Idempotence
A property of IaC that an automation or orchestration action always produces the same result, regardless of the component’s previous state
IaC uses carefully developed and tested scripts and orchestration runbooks to generate consistent builds
AI
Artificial Intelligence:
The science of creating machines with the ability to develop problem solving and analysis strategies without significant human direction or intervention
ML
Machine Learning:
A component of AI that enables a machine to develop strategies for solving a task given a labeled dataset where features have been manually identified but without further explicit instructions
Machine learning is only as good as the datasets used to train it
ANN
Artificial Neural Network:
An architecture of input, hidden, and output layers that can perform algorithmic analysis of a dataset to achieve outcome objectives
A machine learning system adjusts its neural network to reduce errors and optimize objectives
Deep Learning
A refinement of machine learning that enables a machine to develop strategies for solving a task given a labeled dataset and without further explicit instructions
Deep learning uses complex classes of knowledge defined in relation to simpler classes of knowledge to make more informed determinations about an environment
Fake Telemetry
Machine learning can interpret big data to identify the invisible
Attacker will add their own fake telemetry to convince AI that malware is benign
SDV
Software-Defined Visibility:
You must see traffic to secure the data
React & respond
Dynamic deployments include security & network visibility devices
NGFW, SIEM, WAF
Data is encapsulated & encrypted
SDV can provide visibility to traffic flows
Identify & react to threats
