SaltStack Infrastructure Automation Now Integrated with for Closed-Loop Vulnerability Remediation

February 12, 2020 - Rhett Glauser

SaltStack Infrastructure Automation Now Integrated with for Closed-Loop Vulnerability Remediation

New SaltStack release also delivers CIS-certified content for Windows Server, and an integration with Splunk for real-time analysis of SaltStack events and machine data

LEHI, UTAH – February 12, 2020 – SaltStack®, the creators of intelligent automation for security operations and IT teams, today announced several new features and capabilities introduced in version 6.2 of SaltStack Enterprise, SaltStack Protect, and SaltStack Comply. Now generally available, SaltStack Protect integrates infrastructure automation and configuration management with the vulnerability management solution for closed-loop vulnerability remediation. SaltStack Comply now includes CIS-certified content for Windows Server 2012 and Windows Server 2019, and SaltStack Enterprise integrates with Splunk for event-driven automaton and monitoring.

Andrew Johnson, Payroc information security manager, said, “SaltStack Protect integrated with substantially simplifies our ability to remediate infrastructure vulnerability at scale. The more we can break down tool and process-imposed silos that exist between our security and operations teams the more confident we become in our ability to truly secure IT. We’re looking forward to more SecOps innovation from the SaltStack team.” 

SaltStack Protect 6.2 can now import vulnerability assessment scan results to intelligently automate vulnerability remediation. SaltStack infrastructure automation integrated with world-class vulnerability management solution helps security and IT teams streamline vulnerability remediation. This integration helps speed security enforcement, reduces threats caused by imperfect infrastructure cyber hygiene, and allows security operations teams to effectively collaborate within an all-in-one, actionable vulnerability management and remediation platform.

Robert Dale, MAN Energy Solutions IT architect, said, “The new integration with SaltStack Protect drives notable efficiency into our patch management and vulnerability remediation workflows. The elimination of spreadsheets and PDFs alone from our vulnerability management communications is such a big win for our security operations team. SaltStack Protect is unique in its ability to automate infrastructure security.”

SaltStack Comply 6.2 includes access to certified-CIS content for Windows Server 2012 and Windows Server 2019. SaltStack Comply customers can use this new Windows Server content to drive continuous compliance with industry-validated security policies across mission-critical, hybrid cloud infrastructure.

The SaltStack Enterprise 6.2 integration with Splunk allows SaltStack customers to configure the Splunk Universal Forwarder to make SaltStack-generated events and machine data easily consumable in Splunk for indexing and analysis.

This release also optimizes communications between the Salt Master and the SaltStack Enterprise Operations Framework, adding an intermediate SQLite database layer to queue events from a Salt Master to SaltStack Enterprise to further boost SaltStack industry-leading speed and scalability. SaltStack Enterprise customers should expect to realize 20 times more throughput for event processing. In addition, this update keeps queued events persistent across network communication failures and Salt Master restarts. This capability also adds the ability to forward SaltStack events to any Salt Returner such as Redis, a SQL database, or even a local file.

“With this release we are helping our customers enforce comprehensive cyber hygiene across crucial digital infrastructure,” said Marc Chenn, SaltStack CEO. “We are closing the gap between security and IT teams, while closing the loop between vulnerability management and true vulnerability remediation. We are doing our part to extend and enhance our customers’ cyber security investments while enabling security operations teams to stay one-step ahead of rapidly moving, always evolving security threats. The more we’re able to unify SecOps people, processes, and tools, the better chance business has to deliver continuous compliance and infrastructure security at scale.”

SaltStack Enterprise 6.2 is now available via subscription. Join this webinar to see a live demo of SaltStack integrated with for closed-loop vulnerability remediation, or click here for more information. 

Meet the SaltStack team at RSA Conference 2020 in booth #3129 between the north and south expo halls. Visit the SaltStack event page for RSA Conference 2020 to schedule a live demo or a one-on-one meeting with the SaltStack executive team.

About SaltStack
SaltStack® intelligent IT automation software is used to help the largest businesses in the world manage and secure their digital infrastructure. Recognized for its powerful event-driven approach to hybrid cloud infrastructure configuration and control, SaltStack software delivers continuous compliance and vulnerability remediation while providing collaborative solutions for IT and SecOps teams.

Press contact
Dex Polizzi
Lumina Communications