Today we’re thrilled to announce the VMware vRealize Automation SaltStack SecOps integration with VMware Carbon Black Cloud Workload.
This new integration allows VMware customers to combine intelligent vulnerability insight from Carbon Black Cloud Workload with powerful IT automation from vRealize Automation SaltStack SecOps for closed-loop detection and remediation of dangerous vulnerabilities and misconfigurations. By integrating Carbon Black Cloud Workload and vRealize Automation SaltStack SecOps technologies, security and IT teams can bridge the gap between security and IT workflows and deliver the last mile of security remediation through a unified, automated solution.
Empowering IT and security teams with SecOps best practices
Security and IT operations teams must work together to keep modern data centers compliant and secure, but their efforts are often crippled by disparate toolsets, misaligned workflows, and competing priorities. Much like DevOps before it, SecOps (security + operations) is a movement created to facilitate collaboration between security and operations teams and integrate the technology and processes they use to keep systems and data secure.
vRealize Automation SaltStack SecOps helps IT and security teams work together to reduce risk and improve business agility with powerful event-driven automation and relevant, up-to-date security content. With this new integration, teams can now take advantage of Carbon Black Cloud powerful, comprehensive workload security to detect issues and then import them into vRealize Automation SaltStack SecOps for fast, full-scale remediation.
Importing Carbon Black Cloud Workload data for remediation
vRealize Automation SaltStack SecOps users can import the latest vulnerability results from Carbon Black Cloud Workload into the SaltStack SecOps console. vRealize Automation SaltStack SecOps will then analyze the results and inform the user which vulnerabilities are supported for automated remediation. At launch, the vRealize Automation SaltStack SecOps integration will provide automated remediation support for Windows OS advisories from Carbon Black Cloud Workload, with additional content planned.
Automating remediation with vRealize Automation SaltStack SecOps
Once advisories have been imported from Carbon Black, teams can prioritize them for fast full-scale remediation. Teams can review vulnerabilities by severity, machine type, CVE, or a variety of other variables and decide how and when to take action. When ready, a user can simply select the desired vulnerabilities and choose “remediate.” The powerful SaltStack Config automation engine will kick into action and patch systems or update configurations as required to remediate the vulnerability. Because it’s built on an decoupled, scalable event-driven automation system, remediations are fast and efficient—even at enterprise scale.
Empower your team with powerful, governed SecOps capabilities
While IT and security teams must work together to deal with today’s cybersecurity threats, organizations must also maintain proper governance and ensure each team is interacting with critical IT infrastructure within their scope of duties.
vRealize Automation SaltStack SecOps enables collaboration and quick action while supporting governance and control. Administrators can apply role-based access controls that allow security and IT professionals to work within their scope of duties to define compliance and security policies, scan systems against them, remediate issues, and track trends. Authorized users can even choose to add exemptions to systems or advisories as the business case requires.
Learn More
To learn more about VMware vRealize Automation SaltStack SecOps, here are some more resources:
- vRealize Automation SaltStack SecOps Website
- VMware vRealize Automation SaltStack SecOps Technical Blog
- vRealize Automation Website
- Carbon Black Cloud Tech Zone Article
- Carbon Black Cloud Workload Website
- Follow us on Twitter @vRealizeAuto and give us a shout with #vRealizeAutomation, #vRA and #vRASSC