The Rise of Infrastructure Automation for Vulnerability Remediation at RSA Conference 2020

March 3, 2020 - Mehul Revankar

Another RSA Conference 2020 is now behind us. Every year RSAC aims to be different, sometimes it’s a new theme, a new trend, or even a breakthrough technology. If our booth traffic and the eight awards we received at RSAC were any indication, there is substantial demand for real solutions to the challenge of vulnerability remediation and infrastructure security policy enforcement. It was great to see the security industry as represented at RSAC endorsing and seeking out infrastructure automation tools built to deliver vulnerability remediation and continuous compliance to ultimately provide closed-loop infrastructure security. More on this later.

At the same time, this year was very different for the wrong reason –– a virus. Not a computer virus but an actual, biological virus called Coronavirus with potential widespread impact. When RSAC finalized “Human Element” as the theme for 2020 it is unlikely this was the kind of human element they had in mind.

In the weeks leading up to the conference, there was uncertainty around whether the event would happen or not. As a proud sponsor of RSAC, of course we were concerned about the impact of calling off the conference. The uncertainty started to get real when IBM and other major vendors such as AT&T pulled out.

In the end, IBM ended up re-purposing their booth space as a scan-free zone. Well played considering the less than ideal circumstances.

IBM Security booth at RSAC 2020
The IBM Security booth became “scan free” thanks to coronavirus.

Thankfully, RSAC organizers did a fantastic job of managing concerns of both attendees and sponsors by proactively communicating their plans daily and weekly with all the latest updates. They also implemented health and safety measures by disinfecting high touch areas continuously throughout the day. The RSAC team, and many sponsors including SaltStack, also offered disinfectant wipes, hand sanitizing stations across the conference, and took many additional measures to help keep the “Human Element” comfortable and healthy. 

SaltStack Awards and Recognition at RSAC 2020

2020 SC Awards

Despite coronavirus concerns, SaltStack had an amazing week at RSAC. SaltStack SecOps was awarded the 2020 SC Awards Trust Award in the category of “Best Risk / Policy Management Solution.” SaltStack was also a 2020 SC Awards finalist in the category of “Best Enterprise Security Solution.” SC Awards are one of the most-coveted awards in the cybersecurity industry.

SaltStack SC Awards Trust Award winner
SaltStack wins the 2020 SC Awards Trust Award in the category of Best Risk / Policy Management Solution.
The SaltStack team accepts the 2020 SC Awards Trust Award.

CSO Online RSA 2020’s Hottest Products

On day one of RSAC CSO Online named SaltStack Protect 6.2 one of the hottest products, which is an amazing honor…especially considering this is the second year in a row we’ve been named to the list. The 6.2 release included a SaltStack integration with vulnerability scan data and added automated compliance enforcement for CIS Benchmarks for Windows Server 2012 and Windows Server 2019.

You can always try a hosted instance of SaltStack Enterprise for a first-hand, self-guided tutorial.

CSO Online - RSA 2020 hottest products

Even More Awards

SaltStack and SaltStack products also won five other awards last week. They are:

  • Cyber Defense Magazine InfoSec Awards 2020 in the categories of:
    • Compliance
    • InfoSec Startup of the Year
    • Patch and Configuration Management
    • Vulnerability Assessment, Remediation, and Management
  • Cybersecurity Excellence Awards Silver winner
SaltStack awards at RSAC 2020

A Lineup of RSAC Interviews & Presentations

Security Weekly

I was lucky enough to kick off RSAC in the Security Weekly recording booth. Paul, Matt, and I worked together at Tenable years ago and it was fun to talk to them about our shared vision for closed-loop vulnerability remediation. I was excited to tell them how we just delivered it with SaltStack Protect 6.2 which includes an integration with to automate the import and remediation of vulnerabilities. We also talked about some of the upcoming features in the SaltStack SecOps portfolio of products. Listen to the interview to learn more.

The Rise of DevSecOps

Later in the week Alex Peay, SaltStack SVP of Product & Marketing, joined a BrightTALK panel to discuss the evolution and future of DevSecOps. This was a lively discussion between companies that each brought their own perspectives and experiences to the panel with the common goal of making applications and infrastructure more secure through new and improved DevOps processes that put security first. Watch or listen to the BrightTALK panel discussion here. 

Women in Security (WoSec)

The big RSAC announcement for Women in Security (WoSEC) group was that they now have SaltStack as a founding sponsor and are ready to grow the organization. WoSEC began in 2019 and has rapidly grown during the past year. WoSEC is an organization that creates a space for women, and those who identify as women, in the cyber security community to meet together and support one another’s growth and advancement in their industry. They look forward to an even stronger year of growth with SaltStack as a founding sponsor. 

WoSEC president and co-founder, Chloé Messdaghi, said, “I’m incredibly thankful to SaltStack for being the WoSEC founding sponsor. With their support, we will be able to make our dreams become a reality this year.”

Our very own Janae Robinson represented SaltStack at the WoSEC launch party at RSA. Janae said, “Women are underrepresented in the tech community and it’s not for lack of capability.” She discussed the commitment of SaltStack to help remove hurdles that stand in the way of the advancement of women in tech SaltStack is making waves in cyber security with both our technology and with all of the amazing people behind the tech.

SaltStack is Rising

It was amazing to see the infosec market at RSAC recognize and applaud SaltStack efforts to automate security operations, vulnerability remediation, and continuous compliance. We get excited about helping the people of IT and security be more collaborative and inclusive. In a single week, RSAC represented what SaltStack has become and we couldn’t be happier. Learn more about SaltStack SecOps products here, or contact us for a demo.