Scheduling and automation tools enable us to automate tasks such as continuous integration and continuous delivery. They are able to do this by providing the following fairly standard services:
- A web-based UI we can use to configure them
- Usually, a REST-based API so that we can use their features programmatically
- The ability to authenticate against its local store or possibly another service (OAuth/Security Assertion Markup Language (SAML))
- They all fundamentally give us a clear way to automate tasks to suit our workflow
Most security-related automation does boil down to doing a similar task over and over again and looking at the differences. This is especially true when you are in the line of doing security operations and security assessments.