DEVOPSdigest

SaltStack announced new features available in SaltStack Enterprise 6.3 that integrate best-of-breed IT monitoring and vulnerability management solutions, including Splunk, Tenable, Qualys, Rapid7, and Kenna Security.

These features enhance the security capabilities of and lessen the operational burdens on ITOps and SecOps teams.

The integration with Splunk will improve SaltStack users’ ability to monitor the health of their SaltStack infrastructure and automate incident response. Additionally, the ability to directly import vulnerability scan data from Tenable, Qualys, and Rapid7 will simplify vulnerability management workflows while the integration with Kenna Security will help ITOps and SecOps teams automate and prioritize vulnerability remediation based on risk to ensure that the most at-risk systems are patched and secured before damage can occur.

SaltStack’s integration with Splunk will enable a greater number of customers worldwide to use SaltStack to automate security actions based on Splunk events. Moreover, its integrations with Tenable, Qualys, and Rapid7, which together account for almost 70 percent of all current vulnerability management revenue according to IDC, will improve the abilities of ITOps and SecOps teams to operationalize vulnerability management and more effectively remediate risks using SaltStack Protect.

Additionally, SaltStack’s direct integrations with risk-based vulnerability management (RBVM) vendors such as Tenable.io, using its Vulnerability Priority Rating (VPR), and Kenna Security, using its Risk Score, will streamline the remediation of critical vulnerabilities, therefore reducing the overall risk profile of an organization.

SaltStack Enterprise 6.3 also introduces several features that enhance IT monitoring, response automation, and the SaltStack user experience to ensure that the challenges of Day 2 operations do not generate additional risk. These include a new performance and health dashboard coupled with a Prometheus-compatible metrics endpoint that allows users to dive into more than 25 SaltStack Enterprise metrics to execute any IT monitoring needs. Prometheus-compatibility means its data can easily be consumed by third-party tools such as Splunk, Datadog, and many others. Additionally, an official SaltStack Enterprise Splunk add-on has been added to Splunkbase, offering the ability to take automated actions from Splunk into SaltStack Enterprise when a critical event occurs.

Thomas Hatch, co-founder and chief technology officer at SaltStack said, “The new integrations represent an impactful collaboration with leaders in the infrastructure security space. By combining our innovative security and IT automation capabilities with cohesive technical integrations with our partners, SaltStack is able to continuously offer customers the best-in-class IT monitoring and vulnerability management solutions with the flexibility to operate seamlessly in any infrastructure or environment. SaltStack Enterprise is unique in this regard, as well as in its broad capacity to scan, prioritize, and remediate vulnerabilities automatically.”

SaltStack Enterprise 6.3 is now available via subscription.