Watch this SaltStack webinar to learn how IBM Cloud is automating SecOps for continuous compliance and efficient IT security at scale. Brian and Stephen are leading an effort across IBM Cloud global security, IT, and governance teams to scope, mitigate, and audit problems in hours rather than weeks across a substantial network infrastructure to stay ahead of rapidly proliferating threat landscape.
Learn how the team is automating and orchestrating the work of SecOps to deliver dramatic improvements in efficiency including a 75% reduction in the time needed to coordinate priorities between security and IT operations teams. IBM Cloud is now able to automatically roll out new security policies and quickly react to any new security threats using a comprehensive command and control platform that combines event-driven automation, remote execution, configuration management, policy definition and scanning, and vulnerability remediation.
Stephen Dumesnil, manager of network engineering compliance at IBM, says: “From a security and compliance standpoint, we really have a constant stream of security events and compliance requests. And all of these things have to be addressed in a timely manner
“So when my team formed less than a year ago, we started to optimize the process with what we had before we started leveraging SaltStack. What that looked like is they have a scanner and he medium they used to report to us was Jira. So you have all these Jira tickets for vulnerabilities–and compliance as well as they are meeting with auditors for all the certifications that we’re trying to maintain and achieve. They’re submitting requests for us to gather evidence about our network. So once we got to a certain point we said, ‘OK, we’ve kind of optimized this process. It’s going well but we can’t horizontally scale. I’m going to have to start asking for more people as we add more devices to the network, as we go after new certifications, as more vulnerabilities arise. So that’s what got us to look at SaltStack.”