SaltStack SecOps first to deliver intelligent automation for continuous compliance and collaborative vulnerability remediation

Lehi, Utah – April 4, 2019 – SaltStack, the creators of intelligent automation for IT operations and security teams, announced the general availability of SaltStack®️ Enterprise 6.0 and the new SaltStack®️ SecOps add-on module for autonomous security policy compliance and vulnerability remediation at scale.

SaltStack SecOps is unique in providing IT operations and security teams with a collaborative, event-driven automation and orchestration platform. SaltStack SecOps scans IT systems against custom or industry standard security policies then automates the remediation of security vulnerabilities associated with misconfigured, non-compliant infrastructure.

From continuous detection to true resolution, SaltStack SecOps is the only cybersecurity product to deliver natively integrated, fully automated infrastructure security compliance at enterprise scale.

The initial release of SaltStack SecOps helps IT and security teams collaborate to fully automate:

  • Policy definition – Build custom policies or utilize industry-certified compliance profiles such as CIS and DISA STIGS.
  • Infrastructure scanning – Run continuous, item-level policy checks to locate any non-compliant, misconfigured systems or applications.
  • Compliance enforcement – Use autonomous remediation to fix policy violations, or initiate change workflows for issue resolution.

SaltStack SecOps delivers continuous compliance aligned with consensus-based CIS best practice standards and is currently CIS Benchmark certified to assess configuration and compliance of Oracle Linux 7, Red Hat Enterprise Linux 7, and CentOS Linux 7.

SaltStack SecOps can also be used today to scan Docker, Kubernetes, Windows, and many other infrastructure components for policy compliance.

Marc Chenn, SaltStack CEO, said, “Rapidly proliferating exploits, non-stop vulnerabilities, regulatory demands, and infrastructure scale and complexity combine to create a substantial challenge for cybersecurity professionals. SaltStack SecOps is uniquely positioned to help digital business stay ahead of cybersecurity threats by automatically discovering infrastructure vulnerabilities and hardening at-risk systems before it’s too late. SaltStack SecOps is the automation needed to enforce continuous compliance across any enterprise infrastructure.”

SaltStack SecOps is already winning awards and was named one of the hottest new cybersecurity products at RSA 2019 by CSO Online.

SaltStack SecOps customer perspective Brian Armstrong, IBM Cloud network executive, said, “SaltStack forms the basis of a comprehensive audit, remote execution, configuration management, patch, and baseline enforcement suite for the IBM Cloud network. This has replaced several disparate legacy tools with a single command and control layer that allows us to automatically roll out new security policies and quickly react to any new security threats. Problem scoping, mitigation, and audit is done in hours rather than weeks across our network.”

Stephen Dumesnil, IBM Cloud network engineering governance manager, said, “After applying SaltStack SecOps automation and orchestration to our existing governance processes we are seeing dramatic improvements in team and tooling efficiency. For example, we’ve seen a 75% reduction in the work simply needed to coordinate priorities between our security and IT operations teams. SaltStack SecOps will be the catalyst to helping IBM Cloud achieve the goal of continuous compliance while optimizing collaboration and output between our global security, IT, and governance teams.”

Licensing and availability

SaltStack Enterprise 6.0 is now available via a subscription license based on managed nodes. SaltStack SecOps is an add-on module available to SaltStack Enterprise customers. Contact SaltStack sales for pricing.

Additional resources

About SaltStack SaltStack® intelligent IT automation software is used to help the largest businesses in the world manage and secure their digital infrastructure. Known for its powerful event-driven IT automation engine, SaltStack is designed to control, optimize, and secure the inherent complexity of Web scale while providing efficient, collaborative solutions for ITOps, SecOps, NetOps, and DevOps teams. https://www.saltstack.com

Media contact:

Rhett Glauser

[email protected]