Continuous Compliance
Maintaining compliance is a significant challenge because IT infrastructure is a moving target that changes continually. What if compliance wasn’t a quarterly hurdle, but a process that happened automatically and continuously?
VMware Cloud Foundation (VCF) gains powerful capabilities through VMware Salt. Offered as part of the VMware Advanced Cyber Compliance (ACC) add-on, VMware Salt transforms manual, periodic efforts into continuous, automated governance. This shift significantly reduces the recovery time, also known as the mean time to repair (MTTR), for potential security issues.
VMware Salt extends compliance and configuration management across private cloud workloads with high scale and precision. This integration helps automate complex environments while helping ensure security and availability remain operationally continuous—not just event-driven.
Open Source Salt Project
A key part of our compliance strategy is Broadcom’s ongoing contributions to the Salt Project. VMware Salt relies on a large, active community that helps ensure the open software project remains robust, secure, and compatible with the latest operating systems.
We are grateful to the community members who help build, maintain, and support the open-source Salt Project. The enterprise product within VMware Advanced Cyber Compliance (ACC) is built on this same open software.
Please also join the active conversation on the Discord community here.
The open-source repository on GitHub is at this location.
The VMware Salt Working Groups empower community members to collaborate directly with the core VMware Salt team to set project goals, guide technical decisions, and propel specialized initiatives forward. Here is the VMware Salt Working Group Meeting calendar if you want to participate.
Take a look at the quickstart guide for VMware Salt here.
Broadcom engineers also contribute directly to the open-source Salt Project. The enterprise product within ACC builds on this same open software, ensuring customers benefit from both community innovation and enterprise-grade support.
VMware Salt Compliance Content
The VMware Salt benchmarks and vulnerability packages are continually being updated. To be notified of new updates, sign up for the “VMware Salt” notifications on the Broadcom support portal. For example, the VMware Salt Compliance Update Package – April 2026 is now available. It is important to note that this is a SecOps package update for the VMware Salt platform, providing essential compliance content and benchmarks, rather than a standalone version release.
This package includes the CIS v3.0 Benchmark for RHEL 8 and is fully compatible with VMware Salt 8.18 and VCF Automation (Aria Automation Config 8.17). To download the package, please refer to the VMware Salt TechDocs.
Quick update on the Broadcom support portal: VMware Salt notifications have been consolidated. To stay current on release announcements and security patches, please make sure you’re subscribed to the new ‘VMware Salt’ notification.
How to subscribe: Look for “Notification Settings” in the top right corner of your Broadcom support profile. Sign up for the VMware Salt notifications, which you can find with the notification search capability available after clicking on the top right corner next to your profile. This keeps you up to date on VMware Salt critical alerts, product advisories, release announcements, security advisories, and other updates. You can also select any other components you are interested in.

Figure 1. Enable notifications in the Broadcom support portal.
Configuration State Management at Scale
Modern private clouds require more than basic task execution. VMware Salt provides an event-driven engine designed for true enterprise scale, where declarative state management replaces reactive configuration fixes.
VMware Advanced Cyber Compliance operationalizes governance through two critical capabilities:
Continuous Compliance at Scale
VMware Salt continuously validates workloads against rigorous standards—whether Center for Internet Security (CIS) benchmarks or internal audit requirements. This continuous validation keeps infrastructure audit-ready with minimal manual intervention.
Automated Drift Remediation
Infrastructure changes constantly. When workload configuration drift occurs—an opened port, a modified setting—VMware ACC detects and corrects the deviation automatically, restoring infrastructure to its defined secure state.
VMware Salt manages state across thousands of nodes through its declarative approach, helping ensure infrastructure maintains its desired configuration without manual oversight.
Technical Deep Dive
To see these capabilities in practice, watch a deep dive into the benefits of VMware Advanced Cyber Compliance with VMware Salt. In this episode of the Virtually Speaking Podcast, hosts Pete Flecha and John Nicholson sit down with Vincent Riccio. They explore the evolution of automation with VMware Salt and its strategic role within VCF.

Figure 2. Watch the video podcast covering VMware Salt.
The video discussion covers several key topics:
- Drift remediation: VMware Salt continuously maintains desired system states, detects configuration drift, and automatically corrects issues in real-time using a reactor and beacon system.
- Security and compliance: Built-in compliance and vulnerability scanning utilizing Center for Internet Security (CIS) benchmarks, including Ubuntu security checks.
- Flexibility and support: Multi-language automation support (YAML, Python, and JSON) and robust Windows management capabilities using WinRepo.
VMware Salt fits into the broader ecosystem of VMware Advanced Services to help customers operate more securely at scale.
Enhancing Private Cloud Governance
The VMware Advanced Cyber Compliance Advanced Services add-on delivers new capabilities for private cloud governance. VMware Salt’s inclusion in VMware Advanced Cyber Compliance transforms compliance from periodic manual audits into operationally continuous processes. This integration strengthens cyber risk management while providing security and availability across private cloud infrastructure.
VMware Salt strengthens security by proactively preventing configuration drift that creates vulnerabilities, dramatically reducing MTTR through automatic detection and remediation, and maintaining continuous compliance validation. The result: infrastructure that stays secure, compliant, and audit-ready—automatically.

Ready to Simplify Compliance?
VMware Advanced Cyber Compliance webpage
Virtually Speaking Podcast VMware Advanced Cyber Compliance with VMware Salt
VMware Salt Working Group Meeting calendar