Risk R-007 - Malicious configuration deployment via Automation Platform
| Field | Value |
|---|---|
| Risk ID | R-007 |
| Asset | Ansible / Gitea Platform (Platform – Owner: Dev) |
| Scenario | S-006 - Compromise of automation platform |
| Likelihood | 🟧 Possible - access to playbooks or malicious commits could trigger automatic deployment |
| Impact | 🟥 High - automatic deployment of compromised configuration may propagate malware or misconfiguration throughout infrastructure |
| Risk Level | 🟥 High |
| Owner | Dev |
| Last Review | 2026-03-08 |
| Next Review | 2026-09-08 |
Associated Controls:
- Enforce code review for all automation playbooks before deployment.
- Use signed commits and secure repository access (RBAC, MFA).
- Isolate automation platform with restricted network access.
- Monitor deployments for abnormal activity and validate configurations via CI/CD checks.
- Maintain versioned backups of playbooks and configuration templates.
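The "signed commits" and "validate configurations via CI/CD checks" controls above can be combined into a single pre-deployment gate: before the automation platform applies a change, every commit in the deployment range must carry a verified signature, otherwise the run is refused. The following script is an added illustration of that gate and is not part of this risk register or of any Ansible or Gitea tooling. It assumes the `git` CLI is available for `run_gate()`; the policy function `evaluate_signature_report()` works purely on text, using the status letters git emits for the `%G?` format placeholder (G good, U good but untrusted key, B bad, X/Y expired, R revoked, E unverifiable, N unsigned). The commit hashes in `SAMPLE_REPORT` are constructed for the example.

```python
"""Deployment gate: refuse to deploy a commit range that contains unsigned or
badly signed commits. Added example for the R-007 controls, not project code.
"""
import subprocess
from dataclasses import dataclass, field

# Status letters git prints for the %G? placeholder in `git log --format`.
GOOD = {"G"}                        # good signature from a trusted key
UNKNOWN_TRUST = {"U"}               # good signature, but key trust is unknown
# Everything else (B, X, Y, R, E, N) is rejected outright.


@dataclass
class GateResult:
    allowed: bool
    rejected: list = field(default_factory=list)   # (sha, status, subject)
    warnings: list = field(default_factory=list)   # (sha, status, subject)


def evaluate_signature_report(report_lines, allow_unknown_trust=False):
    """Evaluate lines of the form 'sha<TAB>status<TAB>subject', as produced by
    git log --format='%H%x09%G?%x09%s'. The deployment is allowed only when no
    commit is rejected; commits signed with a key of unknown trust are either
    rejected or recorded as warnings, depending on allow_unknown_trust."""
    result = GateResult(allowed=True)
    for line in report_lines:
        if not line.strip():
            continue
        parts = line.split("\t", 2)
        if len(parts) < 3:
            # Malformed line: fail closed rather than guess.
            result.rejected.append((line, "?", "malformed report line"))
            continue
        sha, status, subject = parts
        if status in GOOD:
            continue
        if status in UNKNOWN_TRUST and allow_unknown_trust:
            result.warnings.append((sha, status, subject))
            continue
        result.rejected.append((sha, status, subject))
    result.allowed = not result.rejected
    return result


def run_gate(repo_path, base_ref, head_ref, allow_unknown_trust=False):
    """Collect signature statuses for base_ref..head_ref from the real repository
    and evaluate them. Requires git on PATH and the signing keys imported into
    the CI runner's keyring, otherwise every commit reports status E."""
    proc = subprocess.run(
        ["git", "-C", repo_path, "log",
         "--format=%H%x09%G?%x09%s", f"{base_ref}..{head_ref}"],
        check=True, capture_output=True, text=True,
    )
    return evaluate_signature_report(proc.stdout.splitlines(), allow_unknown_trust)


# Constructed sample report (fake hashes), as git would print it for three commits.
SAMPLE_REPORT = [
    "1111111111111111111111111111111111111111\tG\tsite.yml: tighten sshd template",
    "2222222222222222222222222222222222222222\tU\tadd webservers role",
    "3333333333333333333333333333333333333333\tN\thotfix pushed without signature",
]


if __name__ == "__main__":
    strict = evaluate_signature_report(SAMPLE_REPORT)
    lenient = evaluate_signature_report(SAMPLE_REPORT, allow_unknown_trust=True)
    print("strict  allowed:", strict.allowed, "rejected:", [r[1] for r in strict.rejected])
    print("lenient allowed:", lenient.allowed, "warnings:", [w[1] for w in lenient.warnings])
```

In a pipeline the gate runs as the first job on the deployment branch, with `base_ref` set to the last successfully deployed commit and `head_ref` to the candidate; a non-empty `rejected` list fails the job before any playbook is executed. Syntax and lint checks of the playbooks themselves belong in the same job, after the signature gate passes.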
References:
- ISO 27001 - Control 5.1 Policies for information security.
- ISO 27001 - Control 8.2 Privileged access rights.
- ISO 27001 - Control 8.17 Change management.
- NIST CSF - PR.IP Information Protection Processes and Procedures.
- NIST CSF - PR.AC Identity Management, Authentication and Access Control.
- EBIOS RM - Analysis of risks related to automated configuration deployment and propagation.
Response Actions:
- Containment - Immediately halt automated deployments and isolate affected systems.
- Eradication - Remove malicious changes from playbooks and roll back affected systems to known-good configurations.
- Recovery - Redeploy validated configurations, ensure CI/CD pipelines are secure.
- Post-incident - Perform root cause analysis, update playbook approval procedures, and reinforce deployment safeguards.