Abstract
The increasing threat of cyberattacks requires enhanced measures to secure IT infrastructures. Red teams, which simulate targeted cyberattacks, play a crucial role in this context. To ensure efficient and secure provisioning of red team infrastructure, this thesis investigates how Configuration-as-Code can contribute to the automation of core
components within a red team environment.
To this end, the thesis identifies the key requirements for red team infrastructures
and, based on these, develops a prototype for automated provisioning, which is evaluated in the final phase. The evaluation results clearly demonstrate the advantages
of an automated approach. Compared to a manual setup, the infrastructure can be
provisioned 16.4 percent faster. In addition to saving time, deployment errors can also
be avoided. Furthermore, the automated approach allows for the flexible integration of
new components. The infrastructure, once provisioned automatically, remains consistent
across multiple deployments and maintains a uniform level of quality. The structured
definition of all configuration parameters not only makes maintenance easier, but also
provides added value during development. This supports the tracking of configuration
errors or the gradual expansion of the infrastructure.
The findings of this thesis demonstrate that Configuration-as-Code can be effectively
applied even in heterogeneous environments such as red team infrastructures to improve
provisioning efficiency. The implemented prototype serves as a foundation for future
work aiming to further develop this approach.
| Date of Award | 2025 |
|---|---|
| Original language | German (Austria) |
| Supervisor | Thomas Grurl (Supervisor) |
Study program
- Information Security Management