SaltStack SecOps Compliance is an IT infrastructure security and compliance solution that combines security with IT operations all in a single platform.

SaltStack SecOps Compliance harnesses SaltStack Config’s powerful configuration management and remote execution capabilities to bring all of your infrastructure assets to compliance with a range of industry-wide security benchmarks. It integrates with SaltStack Config to apply security measures at scale, while respecting custom exemptions based on your organization’s needs.

The built-in compliance library contains the latest security standards based on industry best practice hardening guides. SaltStack SecOps Compliance uses the library to assess your infrastructure security and remediate noncompliant systems instantly. Occasionally, you might need to update the security library and download content. You can update and download content to the security library by clicking Administration > SecOps on the side menu, and then selecting Compliance Content - SaltStack > Check for updates.

To use SaltStack SecOps Compliance, you first define a compliance policy, then scan systems against the policy. The scan detects non-compliant systems and allows you to remediate issues instantly. Additionally, you can enter exemptions and specify user permissions to ensure all paths to remediation are customized for your organization’s needs.