Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)SaltStack
Websitesaltstack.com
Company size (employees)50 to 99
Type of solutionSoftware

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

-Most of the money spent on security software goes toward tools that only show security operations teams the vulnerabilities and security issues found in an environment, but do nothing to fix or remediate the issue. By harnessing proven event-driven automation to deliver full-service, closed-loop automation for IT system compliance and vulnerability remediation, SaltStack Comply is changing what is possible in cybersecurity. It is the only enterprise security automation product that can scan an infrastructure environment, determine non-compliance with policies such as a CIS Benchmark, DISA-STIGS, or NIST, and then automate remediation of any discovered system-level vulnerabilities or misconfigurations.

-SaltStack Comply combines the proven infrastructure automation and configuration capabilities of SaltStack and adds vulnerability remediation and continuous compliance functions. This combination provides collaboration and automation for security operations teams working together to truly secure IT operations, whether teams need help automating the work of ITOps, DevOps, NetOps, or SecOps.. Its intelligent, event-driven automation makes self-healing, continuously compliant infrastructure possible if so desired by the SecOps team, something traditional security vendors cannot, and do not try, to achieve.

-SaltStack automation includes a persistent connection between a master command and control server and minions (agents) on any managed infrastructure (public and private cloud infrastructure, network infra, any operating system, containerized environments, and more), highlighting the solution’s versatility and ability to always monitor and deliver continuous compliance.

Overview

SaltStack Comply, part of the SaltStack SecOps product family, delivers intelligent automation and collaboration software for security operations teams. It is the only enterprise security automation product that can scan an infrastructure environment, determine non-compliance with policies such as a CIS Benchmark, DISA-STIGS, or NIST, and then automate remediation of any discovered system-level vulnerabilities or misconfigurations. SaltStack Comply automation also includes a persistent connection between a master command and control server and minions (agents) on any managed infrastructure (public and private cloud infrastructure, network infra, any operating system, containerized environments, and more. In this way, SaltStack ensures continuous compliance and combines compliance scans with actionable remediation routines, ensuring that when vulnerabilities are discovered, they are also FIXED. This enables security and IT teams to secure their networks comprehensively at scale, insulating their organizations from liabilities associated with data breaches, such as lawsuits, intellectual property theft, and fines for non-compliance.

Enterprise IT operations and SRE teams use SaltStack to manage and secure cloud-based business operations in some of the biggest companies in the world with the most substantial and complex infrastructure, leveraging its ability to automate the work of ITOps, DevOps, NetOps, or SecOps functions. For example, the network engineering team at IBM Cloud credits SaltStack Comply with increasing operational efficiency, enhancing visibility into the current state, streamlining deployments, and proactively and reactively securing networking infrastructure throughout their systems. The LinkedIn SRE team used SaltStack to automate the remediation of a critical Linux vulnerability afflicting 40,000 servers underpinning the LinkedIn service, in less than five minutes. eBay uses SaltStack to automate maintenance and security of more than 300,000 servers.