New SaltStack SecOps Products Automate Vulnerability Remediation and Continuous Security Compliance

November 19, 2019 - Rhett Glauser

New SaltStack SecOps Products Automate Vulnerability Remediation and Continuous Security Compliance

SaltStack releases new SaltStack Protect product and enhances SaltStack Comply for collaborative, fully automated security operations

LEHI, Utah – Nov. 19, 2019 – SaltStack, the creators of intelligent automation for IT operations and security teams, today announced the general availability of SaltStack Protect to automate discovery and automate vulnerability remediation for security across web-scale infrastructure. SaltStack Protect is a new product now available in the SaltStack SecOps family of products and is additive to SaltStack Comply. SaltStack Comply automates the work of continuous compliance and has been updated with new CIS Benchmark content and a new SDK for the creation of custom security checks.

The SaltStack SecOps product family provides a collaborative platform for both security and IT operations teams to help customers break down organizational silos, offset security and IT skills gaps and talent shortages, and decrease the time required to find and fix critical security vulnerabilities.

“IT security does an excellent job at providing visibility into infrastructure vulnerabilities. But visibility doesn’t truly secure infrastructure,” said Marc Chenn, SaltStack CEO. “The massive amount of coordination and work required to actually fix thousands of infrastructure security vulnerabilities as quickly as possible is daunting. Vulnerability assessment and management tools require integrated and automated remediation to close the loop on IT security. SaltStack Protect gives security operations teams the power to control, optimize, and secure the entirety of their IT infrastructure while helping teams collaborate to mitigate risk.”

While most security products are built to find and prioritize vulnerabilities, SaltStack Protect actually automates the remediation of vulnerabilities by delivering closed-loop workflows that scan, detect, prioritize, and fix critical security threats. These capabilities include:

  • Native CVE scanning – Scans for both on-prem and cloud systems to detect pressing, relevant threats based on more than 12,000 CVEs across operating systems and infrastructure.
  • Intelligent vulnerability prioritization – To assess and prioritize threats for remediation, SaltStack collects real-time data on the configuration state of every asset in an environment and combines it with vulnerability information from SaltStack Protect to accurately differentiate vulnerabilities that are exploitable from those that are not.
  • Automated remediation – SaltStack Protect brings the power of automation to SecOps teams with an API-first solution that scans IT systems for vulnerabilities and then provides out-of-the-box automation workflows to remediate them.

Will Gregorian, CISO for a leading fintech platform, said, “Infrastructure complexity coupled with compliance requirements outpace the ability for the SecOps teams to stay ahead. We need to introduce the best of DevOps in information security to improve and make operations as nimble as possible. Development teams already know collaboration and automation as a force multiplier, the trick is to capture their methodologies in SecOps to advance initiatives. SaltStack SecOps fits nicely in the automation and collaboration narrative that security needs to make continuous infrastructure security compliance monitoring attainable.”

SaltStack Comply has been updated in this release with significant new features including new CIS Benchmark content for Windows 2012 R2, Windows 2016, Debian 9 and Ubuntu 18.04, and the much-requested ability to create custom security content. SaltStack Comply includes a new SDK which allows customers to create bespoke content to drive custom vulnerability assessments and remediations.

According to the June 2018 Forrester report, Reduce Risk And Improve Security Through Infrastructure Automation, “With threats at an all-time high, organizations can secure modern infrastructure only through automation. At the same time, the traditional gatekeeper role of I&O must evolve to become a policy enabler to complement and, ultimately, strengthen the work of security professionals.”

The report also noted that, “51% of global network security decision makers reported at least one breach in the past 12 months,” and that “automation tools provide a level of standardization across environments that was previously unachievable manually.”

SaltStack SecOps products are built on SaltStack Enterprise delivering a single platform for frictionless collaboration between security and IT teams. As a result, users of SaltStack SecOps products have reported a 95 percent decrease in the time required to find and fix critical vulnerabilities. While traditional security scanning tools can report reams of vulnerabilities that operations teams must investigate, prioritize, test, fix, and then report back to security, SaltStack eliminates nearly all of the manual steps typically associated with vulnerability remediation, potentially saving customers millions of dollars in time, resources, and redundant tools that do little to harden systems and protect against critical vulnerabilities and devastating exploits.

SaltStack set out to make the power of SaltStack event-driven automation and orchestration available to all security and IT professionals. It is now used by tens of thousands of IT operations, DevOps and site reliability engineering organizations around the world to control everything from a simple IoT devices to extremely complex, hyperscale infrastructure powering businesses such as IBM Cloud, eBay, and TD Bank.

SaltStack Comply and SaltStack Protect are now available via subscription. For more information or to schedule a demo, click here.

Additional resources:

About SaltStack
SaltStack® intelligent IT automation software is used to help the largest businesses in the world manage and secure their digital infrastructure. Known for its powerful event-driven infrastructure automation engine, SaltStack is designed to control, optimize, and secure the inherent complexity of Web-scale while providing efficient, collaborative solutions for ITOps, SecOps, NetOps, and DevOps teams.

Press Contact
Dex Polizzi
Lumina Communications