SaltStack forms the basis of a comprehensive audit, remote execution, configuration management, patch, and baseline enforcement suite for the IBM Cloud network. This has replaced several disparate legacy tools with a single command and control layer that allows us to automatically roll out new security policies and quickly react to any new security threats. Problem scoping, mitigation, and audit is done in hours rather than weeks across our network.Brian Armstrong, Network Engineering Executive, IBM Cloud
Build custom policies with industry-standard compliance profiles, such as CIS and DISA STIGS, then apply them automatically across your digital footprint.
Run continuous, item-level policy checks to locate non-compliant systems or applications anywhere in your environment.
Use autonomous policy enforcement to fix violations automatically. Or kick off a remediation workflow so your teams can flag and prioritize issue resolution.
Escape Compliance Hell
Security and IT operations teams must work together to keep digital infrastructure compliant and secure, but efforts are often hampered by disparate toolsets, misaligned workflows, and competing priorities. It’s time for change.Download the SecOps White Paper
Harmony between security and IT
SaltStack SecOps delivers full-service, closed-loop automation for compliance and security. Finally, security and operations teams can work together to define compliance policy, scan all systems against it, detect issues, and actively remediate them—all from a single platform.
An actionable library of compliance profiles
SaltStack SecOps includes access to a live and growing repository of standard compliance profiles. Each profile includes hundreds of up-to-date issue scans, descriptions, and automated remediation actions. Available profiles include:
- Center for Internet Security (CIS)
- DISA Security Technical Implementation Guide (STIG)
- National Institute of Standards and Technology (NIST)
- Industry specific profiles, such as PCI and HIPAA
Real, automated remediation
SaltStack SecOps can automatically remediate policy violations detected anywhere in your systems. It can also create jobs for review and approval before changes are executed. SaltStack SecOps integrates with third-party systems like ServiceNow for change tracking and reporting.
Build policies fit for your business
There’s no such thing as a one-size-fits-all corporate security policy. SaltStack SecOps offers complete policy customization. Create custom checks, turn off irrelevant pre-built checks, or create exemptions and rules for specific machines as needed.
Know your IT security posture
No two corporate security policies are the same. Build custom security profiles with content from CIS, NIST, DISA STIGS, and vulnerability databases. Quickly scan your systems to understand where you’re at risk and how to prioritize remediation.
Take action with automated remediation
Remediation for compliance issues or vulnerabilities can be performed automatically or on a schedule. You maintain complete control of exactly what gets remediated, and when. SaltStack also integrates with existing change management processes in ServiceNow, Jira, and others.
Create audit-ready compliance reports
SaltStack SecOps keeps a complete record of your system compliance and provides native reports that can be shared with auditors or IT leadership. Data can also be exported as JSON, making it simple to create charts and reports in third-party BI tools.
API first for flexible management
SaltStack SecOps is an API-first platform that can be managed through an intuitive user interface or directly via API endpoints. SaltStack also includes role-based access controls so everyone on the team can utilize powerful automation within scope.