Automation is an essential way to apply quick mitigation for any security-rule violation. You can use automation to revert changes against desired configurations and alert the security team—for example, if someone added admin users in your system and an open firewall to an unauthorized port or IP address. Applying automation in security systems has become popular with the concept of DevSecOps. DevSecOps is about adding security at every part of application development and operation. You will learn more about DevSecOps in Chapter 12, DevOps and Solution Architecture Framework.

Create secure architectures and implement security control that is defined and managed as code. You can version-control your security as a code template, and analyze changes as required. Automated security mechanisms as software code help you scale security operations more rapidly, in a cost-effective way.