 
        	    Photo by Kenneth Berrios Alvarez on Unsplash
Response automation with Shuffle
Mix It Up
As an administrator, you will be familiar with the need for automation and have probably already automated updates and backups, creating new users, distributing software, and scaling your infrastructure. Shuffle [1] gives you an automation platform ideal for linking the REST APIs of popular security tools for automation with a view to security orchestration, automation, and response (SOAR).
Shuffle fetches the input from your monitoring tools (e.g., an intrusion detection system) and passes this input on to any number of other tools for further action, such as to your network management tool to isolate an affected host. Ultimately, the faster your response, the more difficult you make it for attackers to navigate your infrastructure successfully.
Installing Shuffle
Even during installation, you can benefit from the advantages of automation because the Shuffle developers give you a ready-made configuration for Docker Compose. To load the Git project and prepare to launch the tool, use the commands:
git clone https://github.com/Shuffle/Shuffle cd Shuffle sudo install -d -m 0755 -o 1000 -g 1000 shuffle-database
Before you can launch Shuffle, you need to configure the settings for your instance in the .env file. What you definitely have to edit is the specifications for SHUFFLE_DEFAULT_USERNAME and SHUFFLE_DEFAULT_PASSWORD, where you save the username and password for your initial admin user. You can also assign an API key directly in the next line to access Shuffle with the REST API. If you want to run the tool behind a proxy, do not forget to specify the proxy, too. Take a quick look at the other settings and adjust them to your environment, if needed. To call Shuffle, use the command:
docker compose up -d
Docker then loads the required images
...Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
 
            
		





 
         
         
        