Authors :
Aakarsh Mavi
Volume/Issue :
Volume 10 - 2025, Issue 7 - July
Google Scholar :
https://tinyurl.com/4tfm7suj
Scribd :
https://tinyurl.com/mubft7ht
DOI :
https://doi.org/10.38124/ijisrt/25jul1858
Note : A published paper may take 4-5 working days from the publication date to appear in PlumX Metrics, Semantic Scholar, and ResearchGate.
Note : Google Scholar may take 30 to 40 days to display the article.
Abstract :
As supply chain networks become more complex, they’re also becoming more vulnerable to cybersecurity threats.
To stay secure, organizations need more than just automated tools that fix issues—they need systems that can constantly
monitor their environment, report on compliance, and evolve with new threats. While most traditional security automation
frameworks focus on enforcing policies and patching vulnerabilities, they often fall short when it comes to real-time visibility
and ongoing improvement.
This paper builds on the existing SecAuto Toolkit [5] by introducing three critical additions: Monitoring, Reporting,
and Continuous Improvement layers. These new components ensure that security events are tracked in real time, compliance
with standards is automatically verified, and the system can adapt as new threats emerge. Additionally, integrating Software
Bills of Materials (SBOMs) into the supply chain security process has proven essential for identifying vulnerabilities in third-
party components and maintaining transparency in software dependencies. [9]
The enhanced framework combines Ansible automation with SIEM tools, compliance dashboards, and machine
learning to deliver proactive and intelligent threat management. Designed specifically for supply chain environments, this
approach helps organizations stay secure by providing real-time insights, automating audits, and continuously refining their
security posture over time.
Keywords :
Cybersecurity, Supply Chain, Ansible, Nist, Siem, Compliance, Automation, Continuous Improvement.
References :
- National Institute of Standards and Technology (NIST). (2018). Framework for Improving Critical Infrastructure Cybersecurity (Version 1.1). NIST. Retrieved from https://www.nist.gov/cyberframework
- Zhang, Y., & Zhang, X. (2019). Automated Security Monitoring and Compliance Management using Ansible. International Journal of Computer Applications.
- Talwar, S., & Mavi, A. (2023). AN OVERVIEW OF DNS DOMAINS/SUBDOMAINS VULNERABILITIES SCORING FRAMEWORK. International journal of applied engineering and technology, 5(S4), 274–280. https://romanpub.com/resources/Vol.%205%20No.%20S4%20(July%20-%20Aug%202023)%20-%2027.pdf
- Talwar, S. (2022). Securing Cloud-Native Dns Configurations: Automated Detection of Vulnerable S3-Linked Subdomains. International journal of applied engineering and technology, 4(2), 270–278. https://romanpub.com/resources/Vol.%204%20No.%202%20(September%2C%202022)%20-%2033.pdf
- Talwar, S., & Mavi, A. (2023). SECAUTO TOOLKIT - HARNESSING ANSIBLE FOR ADVANCEDSECURITY AUTOMATION. International Journal of Applied Engineering & Technology, 5(5S), 2478–2491. https://romanpub.com/resources/Vol.%205%20No.%20S5%20(Sep%20-%20Oct%202023)%20-%2013.pdf
- Barker, K., & Harris, D. (2020). Cybersecurity Automation in Supply Chain Management: A Case Study Approach. International Journal of Cybersecurity, 12(3), 45-62
- Cameron, S., & Thomas, E. (2018). Leveraging Ansible for Security Automation: Best Practices and Frameworks. Journal of Information Security and Applications, 44, 51-62 Almeida, M., & Rodrigues, L. (2019). Integrating Risk
- Management and Automation in Supply Chain Security: A Comprehensive Framework. Journal of Industrial Engineering and Management, 12(4), 201-217
- Osha Shukla, 2025, Software Supply Chain Security: Designing a Secure Solution with SBOM for Modern Software Ecosystems, IJERT, Vol. 14, Issue 04. https://www.ijert.org/software-supply-chain-security-designing-a-secure-solution-with-sbom-for-modern-software-ecosystems
10. Osha Shukla, 2025, Enhancing Threat Intelligence and Detection with Real-Time Data Integration, IJERT, Vol. 14, Issue 04. https://www.ijert.org/research/enhancing-threat-intelligence-and-detection-with-real-time-data-integration-IJERTV14IS040201.pdf
As supply chain networks become more complex, they’re also becoming more vulnerable to cybersecurity threats.
To stay secure, organizations need more than just automated tools that fix issues—they need systems that can constantly
monitor their environment, report on compliance, and evolve with new threats. While most traditional security automation
frameworks focus on enforcing policies and patching vulnerabilities, they often fall short when it comes to real-time visibility
and ongoing improvement.
This paper builds on the existing SecAuto Toolkit [5] by introducing three critical additions: Monitoring, Reporting,
and Continuous Improvement layers. These new components ensure that security events are tracked in real time, compliance
with standards is automatically verified, and the system can adapt as new threats emerge. Additionally, integrating Software
Bills of Materials (SBOMs) into the supply chain security process has proven essential for identifying vulnerabilities in third-
party components and maintaining transparency in software dependencies. [9]
The enhanced framework combines Ansible automation with SIEM tools, compliance dashboards, and machine
learning to deliver proactive and intelligent threat management. Designed specifically for supply chain environments, this
approach helps organizations stay secure by providing real-time insights, automating audits, and continuously refining their
security posture over time.
Keywords :
Cybersecurity, Supply Chain, Ansible, Nist, Siem, Compliance, Automation, Continuous Improvement.
