Malware is one of the biggest challenges faced by the security community. It affects everyone who interacts with information systems. While keeping operational systems safe from malware requires a massive effort, a big chunk of the work in malware defense is about understanding where malware comes from and what it is capable of.
This is where Ansible can be used for automation, enabling the experts who do malware analysis. In this chapter, we will look at various workflows for the classification and analysis of malware using tools like Cuckoo Sandbox, and more. We will also look into creating Ansible playbooks for isolated lab environments, and for the collection and storage of forensic artifacts with secure backup.