Security Automation Scripts

Lesson 10 of 10

The Scenario

You are tired of manually blocking IPs after brute force attacks, manually checking certificate expiration dates, and manually reviewing firewall rules for cleanup. These are repetitive security tasks that a script can handle — and AI can write that script.


Scenario 1: Auto-Block After Failed Logins

The Prompt:

Write a Python script that:
1. Reads the auth log file (/var/log/auth.log or Cisco ASA syslog)
2. Finds IPs with more than 5 failed SSH/VPN logins in the last hour
3. Automatically adds those IPs to a blocklist on the Palo Alto firewall via API
4. Logs every block action with timestamp, IP, and reason
5. Has a whitelist of IPs that should never be blocked (management IPs)
6. Runs every 5 minutes via cron

Scenario 2: Certificate Expiry Checker

The Prompt:

Write a Python script that:
1. Reads a list of domains/IPs and ports from a CSV
2. Connects to each and checks the SSL certificate expiration date
3. Flags any certificate expiring within 30 days as WARNING, within 7 days as CRITICAL
4. Sends a Slack alert for any WARNING or CRITICAL findings
5. Generates a report showing all certificates and their expiry dates

Scenario 3: Firewall Rule Cleanup

The Prompt:

Write a Python script that:
1. Pulls all security rules from Palo Alto via API
2. Checks the hit count for each rule and identifies rules with 0 hits in 90 days
3. Flags unused rules for review
4. Identifies rules with "any" in source AND destination (overly permissive)
5. Generates a cleanup report with recommended actions

Review and Validate

  • Auto-blocking is powerful but dangerous — always test with a dry-run mode first
  • Whitelist your own management IPs — you do not want to lock yourself out
  • Certificate checking requires outbound connectivity — ensure the script can reach all endpoints
  • Firewall rule cleanup should never auto-delete — only flag for human review
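
The dry-run and whitelist safeguards above, applied to Scenario 1, as an added example that is not part of the original lesson. It assumes OpenSSH-style "Failed password" lines in /var/log/auth.log; failed_counts, plan_blocks, sample_line and the push_block callback are hypothetical names, and push_block stands in for whatever firewall API call you use.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime, timedelta

# sshd failure line in /var/log/auth.log (classic syslog timestamp, no year)
FAILED = re.compile(r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
                    r"Failed password for (?:invalid user )?\S+ from (\S+) port \d+")

def failed_counts(lines, now, window=timedelta(hours=1)):
    """Count failed SSH logins per source IP inside the look-back window."""
    counts = Counter()
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(2))
            ts = datetime.strptime(f"{now.year} {m.group(1)}", "%Y %b %d %H:%M:%S")
            if ts > now:  # no year in the log: a "future" stamp is from last year
                ts = ts.replace(year=now.year - 1)
        except ValueError:
            continue  # malformed address or date: never hand it to a firewall
        if now - ts <= window:
            counts[ip] += 1
    return counts

def plan_blocks(lines, now, allowlist, threshold=5, dry_run=True, push_block=None):
    """Return [(ip, count, action)]; push_block runs only when dry_run is False."""
    nets = [ipaddress.ip_network(n) for n in allowlist]
    plan = []
    for ip, n in failed_counts(lines, now).items():
        if n <= threshold:  # the lesson's rule is "more than 5"
            continue
        if any(ip in net for net in nets):
            action = "SKIPPED_ALLOWLISTED"
        elif dry_run:
            action = "WOULD_BLOCK"
        else:
            push_block(str(ip))  # hypothetical callback wrapping the firewall API
            action = "BLOCKED"
        plan.append((str(ip), n, action))
    return plan

def sample_line(ts, ip):  # builds constructed sample lines, not real log data
    return f"{ts} gw sshd[4242]: Failed password for root from {ip} port 50022 ssh2"

SAMPLE = ([sample_line(f"Mar 10 11:3{i}:00", "203.0.113.7") for i in range(6)]
          + [sample_line(f"Mar 10 11:4{i}:00", "10.0.0.5") for i in range(6)]
          + [sample_line(f"Mar 10 11:5{i}:00", "198.51.100.9") for i in range(5)])
```

Run it with dry_run=True against a copy of the log and compare the returned plan with what you would have blocked by hand before passing dry_run=False and a real push_block.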

Try It Yourself

Pick the scenario most relevant to your environment. Generate the script with AI, test on a non-production system, then schedule it.
