SaltStack SecOps is a compliance and vulnerability management tool that can automate security remediation. It includes SaltStack SecOps Compliance, which scans your systems for compliance with various security benchmarks and then remediates the nodes that are not in compliance. It also includes SaltStack SecOps Vulnerability, which scans your systems for common vulernabilities and exposures (CVEs) and then remediates any advisories it finds.

SaltStack SecOps requires a separate product license from SaltStack Config. Contact a sales representative for more information.

SecOps content libraries

SaltStack SecOps includes regularly-updated content, as well as SaltStack SecOps Compliance. Together, SecOps includes the following content libraries:

  • Compliance Content - Built-in security content for SaltStack SecOps Compliance
  • Compliance Content - Custom - Custom checks and benchmarks defined and uploaded by your organization
  • Vulnerability Content - Built-in advisories for SaltStack SecOps Vulnerability

Content libraries update regularly as security standards change.

You can configure content to download automatically as updates become available, or you can download content manually.

SaltStack SecOps features

The following articles explain how to use the core features of SaltStack SecOps in more depth: