Today we’re thrilled to announce that VMware vRealize Automation Cloud customers can now add security and compliance capabilities to their environment with vRealize Automation SaltStack SecOps Cloud. This new component allows vRealize Automation Cloud customers to access the same powerful compliance and vulnerability remediation capabilities of vRealize Automation SaltStack SecOps, but in a SaaS delivery model.
Empowering IT and security teams with SecOps
Security and IT operations teams must work together to keep modern data centers compliant and secure, but their efforts are often crippled by disparate toolsets, misaligned workflows, and competing priorities. Much like DevOps before it, SecOps (security + operations) is a movement created to facilitate collaboration between security and operations teams and integrate the technology and processes they use to keep systems and data secure.
vRealize Automation SaltStack SecOps Cloud helps IT and security teams work together to reduce risk and improve business agility with powerful event-driven automation and relevant, up-to-date security content. Teams can now define an IT security policy, scan systems against it, detect issues, and actively remediate them—all from a single platform.
Build global compliance policies with CIS-certified content
Most organizations must comply with multiple regulations and standards (ISO 27000 series, HIPAA, PCI, NIST, etc), often made up of thousands of individual requirements and checks. The Center for Internet Security (CIS) provides tools designed to help cybersecurity and IT professionals stitch together and simplify requirements across multiple frameworks and regulations—making CIS the de facto compliance standard for many enterprises, worldwide.
vRealize Automation SaltStack SecOps Cloud includes a live database of certified content for CIS and DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides), allowing teams to build compliance policies that meet the needs of their unique organization and enforce them on deployed systems.
Enforce continuous compliance with event-driven automation
Enforcing Day 0 compliance is just the beginning. Too often, chasing compliance drift on existing systems can feel like a recurring nightmare. vRealize Automation SaltStack SecOps Cloud allows you to enforce Day 2 compliance by actively scanning for compliance drift and providing automated remediation routines to enforce approved security policies: saving resources, improving security posture, and reducing risk.
Integrated with VMware Carbon Black
vRealize Automation SaltStack SecOps Cloud customers can combine intelligent vulnerability insight from Carbon Black Cloud Workload with powerful IT automation from vRealize Automation SaltStack SecOps for closed-loop detection and remediation of dangerous vulnerabilities and misconfigurations. By integrating Carbon Black Cloud Workload and vRealize Automation SaltStack SecOps Cloud technologies, security and IT teams can bridge the gap between security and IT workflows and deliver the last mile of security remediation through a unified, automated solution.
In addition, vRealize Automation SaltStack SecOps Cloud allows you to ingest scans from Tenable, Rapid7, Qualys, and Kenna to remediate issues with fast, pre-built automation.
Empower your team with powerful, governed SecOps capabilities
While IT and security teams must work together to deal with today’s cybersecurity threats, organizations must also maintain proper governance and ensure each team is interacting with critical IT infrastructure within their scope of duties.
vRealize Automation SaltStack SecOps Cloud enables collaboration and quick action while supporting governance and control. Administrators can apply role-based access controls and that allow security and IT professionals to work within their scope of duties to define compliance and security policies, scan systems against them, remediate issues, and track trends.
To learn more about VMware vRealize Automation SaltStack SecOps Cloud, here are some more resources: