To begin using SaltStack SecOps Vulnerability, first create your security policy. In your policy, add the minions you want to target in an assessment and determine the assessment’s run schedule.

Creating a security policy

Before creating your first security policy, you need access to the vulnerability library. See Updating the vulnerability library for more information.

You might also want to create the targets that you want to assess before creating your policy. A target is the group of assets (referred to as minions) your policy will apply to. See Minions for more information.

  1. In the Vulnerability workspace, click Create policy.
  2. Enter a policy name and select the target you want to assess.
    Note: Scanning a large number of minions might result in long processing times. This could also delay other processes, such as jobs running, in SaltStack Config. Make sure to account for extra time required to run large assessments.
  3. Define a schedule frequency. See Vulnerability policies for more information about schedule frequency settings.
  4. (Optional) Select Run assessment on save.
  5. Click Save.

    The policy is now saved. If you chose to run an assessment on save, the assessment is now running.

Editing a security policy

To edit an existing SaltStack SecOps Vulnerability policy:

  1. In the Vulnerability workspace, click the policy you want to edit.

    Clicking a policy opens the selected policy’s dashboard.

  2. In the policy dashboard, click Edit policy in the upper-right corner.
  3. Edit the policy as needed and click Save.