A Unified Automation Framework for CIS Benchmark Compliance and Real-Time Remediation on Ubuntu Using Wazuh, Ansible and FastAPI


Authors : Dipesh Poudel

Volume/Issue : Volume 11 - 2026, Issue 4 - April


Google Scholar : https://tinyurl.com/4yswbdxa

Scribd : https://tinyurl.com/yvynkhad

DOI : https://doi.org/10.38124/ijisrt/26apr1068



Abstract : The rise of configuration-related vulnerabilities in Linux environments has increased the need for automated and scalable security hardening frameworks. Although CIS Benchmarks provide prescriptive guidelines for secure configuration, organizations continue to struggle with manual enforcement, configuration drift, and delayed detection of anomalies. This study proposes an integrated automation framework combining Wazuh SIEM, Ansible, and a FastAPI-based orchestration layer to enforce CIS controls, detect configuration drift, and remediate misconfigurations in real time. The framework was deployed and validated across multiple Ubuntu endpoints. Quantitative evaluation demonstrated an improvement in CIS compliance scores from 36% to 83%, along with significant reductions in Mean Time to Detect (MTTD) and Mean Time to Remediate (MTTR) through automated playbook execution. Unlike prior studies that treat compliance enforcement, detection, and remediation as disjoint processes, this work formalizes and empirically validates a closed-loop compliance automation model with measurable detection and remediation latencies. Although validated on Ubuntu using Wazuh, the proposed architecture is tool-agnostic and transferable to other security benchmarks, including NIST and STIG.

Keywords : CIS Benchmark, Automated Compliance, Ubuntu Security, Wazuh SIEM, Ansible Automation, FastAPI Orchestration, Continuous Monitoring, Security Configuration Assessment, Real-Time Remediation, System Hardening, NIST, STIG, MTTD, MTTR.

