Overview

SaltStack Comply, part of the SaltStack SecOps product family, delivers intelligent automation and collaboration software for security operations teams. It is the only enterprise security automation product that can scan an infrastructure environment, determine non-compliance with policies such as a CIS Benchmark, DISA-STIGS, or NIST, and then automate remediation of any discovered system-level vulnerabilities or misconfigurations. SaltStack Comply automation also includes a persistent connection between a master command and control server and minions (agents) on any managed infrastructure (public and private cloud infrastructure, network infra, any operating system, containerized environments, and more. In this way, SaltStack ensures continuous compliance and combines compliance scans with actionable remediation routines, ensuring that when vulnerabilities are discovered, they are also FIXED. This enables security and IT teams to secure their networks comprehensively at scale, insulating their organizations from liabilities associated with data breaches, such as lawsuits, intellectual property theft, and fines for non-compliance.

Enterprise IT operations and SRE teams use SaltStack to manage and secure cloud-based business operations in some of the biggest companies in the world with the most substantial and complex infrastructure, leveraging its ability to automate the work of ITOps, DevOps, NetOps, or SecOps functions. For example, the network engineering team at IBM Cloud credits SaltStack Comply with increasing operational efficiency, enhancing visibility into the current state, streamlining deployments, and proactively and reactively securing networking infrastructure throughout their systems. The LinkedIn SRE team used SaltStack to automate the remediation of a critical Linux vulnerability afflicting 40,000 servers underpinning the LinkedIn service, in less than five minutes. eBay uses SaltStack to automate maintenance and security of more than 300,000 servers.