In this chapter, we created a playbook that generated a playbook to remediate any PCI-DSS non-compliance errors found during a scan. As well as being really cool, it is also really practical if you imagine you are running a few dozen servers that all need to be compliant, and also that they all need a full audit history.
You now have the foundations of a playbook that you can use to target those hosts daily, to both audit them and store the results away from the host itself, but also depending on your configuration, you have a way of automatically resolving any non-conformance found during the scan.
The scans we have been doing in this chapter have all been host-based; in the next chapter, we are going to look at how we can scan hosts remotely.