Our virtual user conference SaltConf21 will be November 3-4! Call for Speakers will be open June 14 - July 26.

SecOps Automation, Vulnerability Remediation, and Black Hat USA 2019

The twenty second year of Black Hat USA 2019 is now behind us. As hosts of SaltConf19 ourselves, we are uniquely aware of the effort required to put on a great show and we have a special appreciation for a job well done. The Black Hat events team did a great job and put on a great show, so kudos to the team. This year was the first time SaltStack sponsored the conference. Here are some of the highlights and observations from Black Hat.

Black Hat USA 2019 hot take

As expected, vulnerability management, threat detection and response was front and center at the conference. If you were to follow the money and use Diamond sponsorship you’d see approximately 70% of the vendors at this sponsorship level addressed one or more of these critical market demands.

The conference began with an excellent keynote from Dino Dai Zovi titled Every Security Team is a Software Team Now. It was special in so many ways that most keynotes are not. It was a deeply personal and relatable experience coming from a person who has been part of the industry for more than 20 years and worked up the ranks to lead security at Square.Dai Zovi, joked if you attend Black Hat for 20 straight years, the next time you get to give a keynote.

Overheard in the SaltStack booth

In dozens of conversations in our Black Hat booth, five themes became entirely clear:

  • Digital infrastructure is growing exponentially and inherently becoming more complex
  • Complexity and scale creates a security challenge
  • Security threats are exploiting known vulnerabilities more efficiently
  • People alone can’t stay ahead of the imminent crush associated with the work of securing infrastructure
  • Existing security tools aren’t doing enough to automate the work of security operations

We observed the prioritization of IT security challenges and explained how it all related to Maslow’s hierarchy of needs and basic cyber hygiene. At Black Hat 2019 SaltStack introduced the arrival of a new and game-changing vulnerability remediation module in SaltStack SecOps. SaltStack had its roots in systems management and infrastructure automation and so it was natural for us to use that expertise to change the way IT is secured through vulnerability management and remediation. In our Black Hat booth we demonstrated the new vulnerability remediation module coming in SaltStack SecOps 6.1. If you missed it, here is a video overview:

If you would like to get a closer look we are currently accepting SaltStack SecOps 6.1 beta applications.

And finally we closed out Black Hat with an on-site interview with the team at Security Weekly. We discussed industry challenges with configuration management and vulnerability remediation.

SaltStack awards and recognition

SaltStack went into Black Hat USA 2019 on the heels of two awards and notable recognition from Gartner and Forrester.

First, SaltStack was recognized by the Cyber Defense Media Group as a Black Unicorn Awards finalist. The Black Unicorn award is given to cybersecurity companies that have the potential to reach a $1 billion dollar market valuation as determined by private or public investment.

Second, SaltStack SecOps was named a winner of the People’s Choice Stevie® Award in the category of Endpoint Security Management Solution.

And finally, both Gartner and Forrester recognized SaltStack in multiple research notes. Gartner publishes hundreds of research notes every year and Hype Cycle reports are consistently the most consumed. Gartner customers use the Hype Cycle to separate market hype from the reality of day-to-day IT and security operations. SaltStack is delighted to be shortlisted as a representative vendor in the following Hype Cycle reports:

This week Forrester published the Forrester Wave: Infrastructure Automation Platforms, Q3 2019. Forrester applied 31 criteria in their evaluation of infrastructure automation platform providers and ultimately identified the eleven most significant providers. SaltStack is ranked as one of the strongest performers in this Wave with a scalable, easy-to-use infrastructure automation platform comparable to those from the biggest IT software vendors in the world.

Black Hat USA 2019 was a great conference for SaltStack. We received valuable feedback on the new vulnerability remediation module and we can’t wait to get it into the hands of our customers.