Over the last few years SaltStack has invested a considerable amount of R&D to build a comprehensive IT orchestration and automation platform used by tens of thousands of IT operations and DevOps organizations around the world. SaltStack intelligent automation (Enterprise SecOps) is used to control everything from a simple Philips Hue light bulb to extremely complex, massive infrastructure powering businesses such as IBM Cloud, eBay, or TD Bank.

With SaltStack Enterprise 6.0 we set out to make the power of the SaltStack event-driven automation and orchestration available to all security and IT professionals, from support techs to CTOs, and from security analysts to CISOs.

SaltStack Enterprise 6.0

When we began development on the SaltStack Enterprise 6.0 release we had two key goals in mind. First we wanted to make it easier for SaltStack users to manage and secure their entire IT infrastructure, from core data center server infrastructure to IoT and network devices at the edge. Second, we wanted to introduce focused solutions that specifically address the most common use cases and pain points in ITOps, NetOps, and SecOps.

SaltStack Enterprise 6.0 ships with a completely redesigned user interface guided by user-centered design principles. Every view in the SaltStack Enterprise console has been updated. The new console is designed around actual customer workflows and supports their most-common tasks. With a focus on usability and simplicity, the SaltStack Enterprise console elements are consistent across the product. This effort was heavily influenced by hundreds of customer interviews conducted during the last year and at SaltConf18.

So what’s new?

Simplified asset targeting

SaltStack includes more than 100 grains (system attributes) which can be used to create infrastructure target groups. These grains and groups can be used to target assets to run jobs against. These grains can be IP addresses, operating system versions, BIOS versions or even a custom grain such as an asset location set through the SaltStack grains interface. In SaltStack Enterprise 6.0 we simplified the workflow to make these target groups be much more intuitive.

Simplified permissions management

With great power, comes great responsibility. SaltStack Enterprise has always included role based access controls (RBAC), but version 6.0 completely redefined the presentation of these permissions. We have created “Tasks” which simplify groups of permissions around common use cases like accepting minion keys, creating target groups, etc. This helps admins provide permissions to only the tasks needed by the individual or role on the team.

In addition to simplified permissions, all system administration functions such as creating users or configuring active directory are now consolidated under a single tab.

New elements tab

All elements required to create one or more user tasks such as jobs, schedules, state files, and pillars are now consolidated under a new “Elements” tab. Users can now configure all aspects of their tasks from a single place.

SaltStack Enterprise SecOps

The most significant addition to SaltStack Enterprise is the new SaltStack SecOps add on.
SaltStack SecOps builds on the power of SaltStack Enterprise and is unique in providing a single platform for security and IT operations teams teams to collaborate better and provide continuous compliance for digital infrastructure. It allows users to build security policies, scan any system or infrastructure for compliance, actively remediate any non-compliant or misconfigured systems, and then continuously enforce compliance on the assets managed within the policy.

SaltStack SecOps was recently highlighted as one of the “hottest” and “coolest”products at the RSA Conference and InfoSecWorld.

Watch a quick demo of SaltStack SecOps here: SaltStack SecOps Product Introduction

SaltStack SecOps content subscription

SaltStack SecOps ships with a new content subscription feed which includes access to SaltStack state files developed by SaltStack content team to support various security policy compliance profiles. This content is tested by SaltStack and has already achieved numerous certifications from the Center for Internet Security (CIS).

This SaltStack SecOps content feed is continuously updated with new content such as CIS Benchmarks, DISA STIG profiles, Windows, Linux, Kubernetes, and Docker. Many more types of content are coming soon.

Users can update their content without having to update the underlying SaltStack Enterprise software or impacting any of the policies they have been created with the product. Of course the content feed is also available via offline download for air-gapped environments.

SaltStack Enterprise 6.0 and SaltStack SaltStack SecOps have been months in the making with tireless efforts from teams all across SaltStack. We are excited to get the latest SaltStack automation in your hands and there is much more to come. Let us know how we can support the automation and orchestration of your IT management and security requirements.

To get started with SaltStack Enterprise and SaltStack SecOps request access to a trial version.