Today we’re thrilled to announce the general availability of VMware vRealize Automation SaltStack SecOps: the new compliance and vulnerability management component of vRealize Automation. VMware customers can now add SaltStack SecOps to vRealize Automation and employ full-service, closed-loop automation for IT operating system and infrastructure compliance and vulnerability remediation across their on-prem, cloud, or hybrid environments.
Empowering IT and security teams with SecOps
Security and IT operations teams must work together to keep modern data centers compliant and secure, but their efforts are often crippled by disparate toolsets, misaligned workflows, and competing priorities. Much like DevOps before it, SecOps (security + operations) is a movement created to facilitate collaboration between security and operations teams and integrate the technology and processes they use to keep systems and data secure.
vRealize Automation SaltStack SecOps helps IT and security teams work together to reduce risk and improve business agility with powerful event-driven automation and relevant, up-to-date security content. Teams can now define an IT security policy, scan systems against it, detect issues, and actively remediate them—all from a single platform.
Build global compliance policies with CIS-certified content
Most organizations must comply with multiple regulations and standards (ISO 27000 series, HIPAA, PCI, NIST, etc), often made up of thousands of individual requirements and checks. The Center for Internet Security (CIS) provides tools designed to help cybersecurity and IT professionals stitch together and simplify requirements across multiple frameworks and regulations—making CIS the de facto compliance standard for many enterprises, worldwide.
vRealize Automation SaltStack SecOps includes a live database of certified content for CIS and DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides), allowing teams to build compliance policies that meet the needs of their unique organization and enforce them on deployed systems.
Enforce continuous compliance with event-driven automation
Enforcing Day 0 compliance is just the beginning. Too often, chasing compliance drift on existing systems can feel like a recurring nightmare. vRealize Automation SaltStack SecOps allows you to enforce Day 2 compliance by actively scanning for compliance drift and providing automated remediation routines to enforce approved security policies: saving resources, improving security posture, and reducing risk.
Close the loop on vulnerability management
Security scanners can report avalanches of vulnerabilities that operations teams must translate into IT tickets, investigate, prioritize, test, fix, and then report back to security. vRealize Automation SaltStack SecOps brings the power of vulnerability automation to operations teams by scanning IT systems for over 22,000 OS and infrastructure vulnerabilities and then providing out-of-the-box automation workflows to remediate them.
In addition to native vulnerability scanning, vRealize Automation SaltStack SecOps also allows you to ingest scans from 3rd party solutions—including Tenable, Rapid7, Qualys, and Kenna—and remediate issues with fast, pre-built automation.
Empower your team with powerful, governed SecOps capabilities
While IT and security teams must work together to deal with today’s cybersecurity threats, organizations must also maintain proper governance and ensure each team is interacting with critical IT infrastructure within their scope of duties.
vRealize Automation SaltStack SecOps enables collaboration and quick action while supporting governance and control. Administrators can apply role-based access controls and that allow security and IT professionals to work within their scope of duties to define compliance and security policies, scan systems against them, remediate issues, and track trends.
To learn more about VMware vRealize Automation SaltStack SecOps, here are some more resources: