New SaltStack SecOps Products Automate Vulnerability Remediation and Continuous Security Compliance
November 2019 by Marc Jacob
SaltStack announced the general availability of SaltStack Protect for automated discovery and remediation of security vulnerabilities across web-scale infrastructure. SaltStack Protect is a new product now available in the SaltStack SecOps family of products and is additive to SaltStack Comply. SaltStack Comply automates the work of continuous compliance and has been updated with new CIS Benchmark content and a new SDK for the creation of custom security checks.
The SaltStack SecOps product family provides a collaborative platform for both security and IT operations teams to help customers break down organizational silos, offset security and IT skills gaps and talent shortages, and decrease the time required to find and fix critical security vulnerabilities.
While most security products are built to find and prioritize vulnerabilities, SaltStack Protect actually automates the remediation of vulnerabilities by delivering closed-loop workflows that scan, detect, prioritize, and fix critical security threats. These capabilities include:
● Native CVE scanning - Scans for both on-prem and cloud systems to detect pressing, relevant threats based on more than 12,000 CVEs across operating systems and infrastructure.
● Intelligent vulnerability prioritization - To assess and prioritize threats for remediation, SaltStack collects real-time data on the configuration state of every asset in an environment and combines it with vulnerability information from SaltStack Protect to accurately differentiate vulnerabilities that are exploitable from those that are not.
● Automated remediation - SaltStack Protect brings the power of automation to SecOps teams with an API-first solution that scans IT systems for vulnerabilities and then provides out-of-the-box automation workflows to remediate them.
Will Gregorian, Addepar CISO, said, “Infrastructure complexity coupled with compliance requirements outpace the ability for the SecOps teams to stay ahead. We need to introduce the best of DevOps in information security to improve and make operations as nimble as possible. Development teams already know collaboration and automation as a force multiplier, the trick is to capture their methodologies in SecOps to advance initiatives. SaltStack SecOps fits nicely in the automation and collaboration narrative that security needs to make continuous infrastructure security compliance monitoring attainable.”
SaltStack Comply has been updated in this release with significant new features including new CIS Benchmark content for Windows 2012 R2, Windows 2016, Debian 9 and Ubuntu 18.04, and the much-requested ability to create custom security content. SaltStack Comply includes a new SDK which allows customers to create bespoke content to drive custom vulnerability assessments and remediations.
According to the June 2018 Forrester report, Reduce Risk And Improve Security Through Infrastructure Automation, "With threats at an all-time high, organizations can secure modern infrastructure only through automation. At the same time, the traditional gatekeeper role of I&O must evolve to become a policy enabler to complement and, ultimately, strengthen the work of security professionals.”
The report also noted that, “51% of global network security decision makers reported at least one breach in the past 12 months,” and that “automation tools provide a level of standardization across environments that was previously unachievable manually.”
SaltStack SecOps products are built on SaltStack Enterprise delivering a single platform for frictionless collaboration between security and IT teams. As a result, users of SaltStack SecOps products have reported a 95 percent decrease in the time required to find and fix critical vulnerabilities. While traditional security scanning tools can report reams of vulnerabilities that operations teams must investigate, prioritize, test, fix, and then report back to security, SaltStack eliminates nearly all of the manual steps typically associated with vulnerability remediation, potentially saving customers millions of dollars in time, resources, and redundant tools that do little to harden systems and protect against critical vulnerabilities and devastating exploits.
SaltStack set out to make the power of SaltStack event-driven automation and orchestration available to all security and IT professionals. It is now used by tens of thousands of IT operations, DevOps and site reliability engineering organizations around the world to control everything from a simple IoT devices to extremely complex, hyperscale infrastructure powering businesses such as IBM Cloud, eBay, and TD Bank.