Automation for Secure Hosts is a compliance and vulnerability management application that can automate security remediation.

Note: Going forward, Automation Config is no longer included in the Aria Automation suite of products. The new name of this product is VMware Tanzu Salt and this product is available as part of the VMware Tanzu Platform suite of products. See Using and Managing Tanzu Salt for more information.

Automation for Secure Hosts allows you to scan your system for compliance against various security benchmarks, detect system vulnerabilities, and remediate your results. Automation for Secure Hosts includes both Automation for Secure Hosts Compliance and Automation for Secure Hosts Vulnerability services.

Automation for Secure Hosts Compliance scans your system for compliance with supported security benchmarks from accredited institutions (such as CentOS Linux Level 1 and 2 Server and Workstation) and allows you to remediate nodes that are not in compliance. It includes two compliance libraries:
  • Compliance Content Library - Built-in security content
  • Compliance Content Custom Library - Custom checks and benchmarks defined and uploaded by your organization.

Automation for Secure Hosts Vulnerability scans your system for common vulnerabilities and exposures (CVEs), and then remediates any identified advisories. It includes a built-in advisories vulnerability library.

Content libraries are updated regularly as security standards change. You can also configure content to download automatically as updates become available, or download content manually. To manually check for updates and download content, click Administration > Secure Hosts > and click either Check for Updates or Upload Package underneath the desired content library.

Note: Before you can use Automation for Secure Hosts, you must have Automation Config installed and configured. However, Automation for Secure Hosts requires a separate product license from Automation Config. Contact a sales representative for more information.