Many organizations are experiencing the burden of vulnerability-detection fatigue — and because they lack resources and other constraints, their hands can remain tied when attempting to prioritize and remediate the fixes.
As developers rush to boost the cadences of new open stack development and deployments, security scans typically reveal massive reports where possible vulnerabilities are located in the network. However, security teams often struggle to spend the time and resources to prioritize the most critical vulnerabilities, while making sure the security team implements the right fixes represents an additional challenge. Security teams might often continue to muddle along by implementing manual fixes, while hoping for the best but dreading the worst, while Equifax, Docker container and other high-profile breaches show what can go horribly wrong.
However, SaltStack says it has a solution: its Enterprise 6.1 release with SaltStack Protect offers an alternative to offset security and IT skills gaps and talent shortages by automating the vast majority of vulnerability detections and fixes, SaltStack says.
The concept behind is to provide SecOps teams with the option of automating the discovery and remediation of security vulnerabilities across multi-cloud and on-premises infrastructures. In doing so, SaltStack says SaltStack Enterprise 6.1 brings automation to SecOps with an API that scans IT systems for vulnerabilities and then provides out-of-the-box automation workflows to remediate them.
“A lot of vendors exist out there who can tell you how many vulnerabilities you have and some can then prioritize them for you,” but they do not automate the remediation process, SaltStack Chief Technology Officer and founder Thomas S. Hatch said.
The introduction of SaltStack Enterprise 6.1 is part of SaltStack’s attempt to improve its support for infrastructure and SecOps, within the fold of its Salt configuration-management software. The release coincides with Hatch’s introduction of open source project Plugin Oriented Programming (POP) as the umbrella projects for Heist and Umbra that SaltStack also launched this week. All of the releases are part of SaltStack’s attempt to offer more “innovation-driven” projects geared towards managing diverse deployments and networks often spread over a combination of on-premises and multicloud infrastructures.
While Hatch said SaltStack is also seeking to maintain the right balance between open source and proprietary business models, he disagreed that SaltStack’s main competitors still consisted of Puppet, Chef and others. “I feel like we’re a little ahead of the curve on the reinvention,” Hatch said.
However, Hatch candidly said Enterprise 6.1 does not allow you to “set it and forget it,” either. “It would be incredibly irresponsible to not recognize the fact that there is always going to be those areas that require manual intervention,” Hatch said. “But [Enterprise 6.1] can handle 80% to 90% of these cases and can be completely automated. There’s also still going to be those tough case of that last 10% to 20% that need a little more human intervention, but we can get these infrastructures to a point where they are more automatically secure.”
The security fix automation translates into time and resource savings, Hatch said. “You know that when you find something that’s going to be fixed within a certain period of time, you’ve freed up the resources to do it because [Enterprise 6.1] has automatically fixed so much of the low-hanging fruit.”
The emphasis on boosting security remediation is also an obvious step in improving network standardization, as well as, compliancy. “Faster automated responses to potential security issues means better standardization. This also allows all data to coexist in my datacenters [or in multicloud environments] because everything is talking the same languages, using the same ports, etc.,” Renee Murphy, an analyst for Forrester Research told The New Stack. So, when one security system is managing all of the same data “and the data knows how to get along well and it’s standardized correctly, then it’s always cheaper to manage as well.”
Specific capabilities Enterprise 6.1 offers include:
- Native CVE Scanning for on-premises and multi-cloud deployments.
- Vulnerabilities Prioritization to assess and prioritize threats for remediation, which SaltStack helps to differentiate vulnerabilities that are exploitable.
- Automated remediation for SecOps with an API that scans for vulnerabilities and automates the workflows to remediate them.
“Compared to the previous versions of Enterprise, we are automatically remediating vulnerabilities in addition to configuring them securely,” Hatch said.
Puppet is a sponsor of The New Stack.
Feature image via Pixabay.