SaltStack, the creators of intelligent automation for security operations and IT teams, announced new features available in SaltStack Enterprise 6.3 that integrate best-of-breed IT monitoring and vulnerability management solutions, including Splunk, Tenable, Qualys, Rapid7, and Kenna Security. These features enhance the security capabilities of and lessen the operational burdens on ITOps and SecOps teams. 

The integration with Splunk will improve SaltStack users' ability to monitor the health of their SaltStack infrastructure and automate incident response.  Additionally, the ability to directly import vulnerability scan data from Tenable, Qualys, and Rapid7 will simplify vulnerability management workflows while the integration with Kenna Security will help ITOps and SecOps teams automate and prioritize vulnerability remediation based on risk to ensure that the most at-risk systems are patched and secured before damage can occur.

"Through deeper integrations with Splunk, Tenable, and several other information security partners, we are now able to easily develop a closed-loop security solution. This will enable us to gather exhaustive insights about the environment through Splunk and Tenable, and respond accordingly to threats in dynamic and robust ways leveraging the native multi-directional integrations Saltstack has integrated into its SaltStack Enterprise 6.3 release," said Edmund Bennett, director of business intelligence and automation, cloud operations at SumTotal Systems, a leading platform for learning and talent development.

SaltStack's integration with Splunk will enable a greater number of customers worldwide to use SaltStack to automate security actions based on Splunk events. Moreover, its integrations with Tenable, Qualys, and Rapid7, which together account for almost 70 percent of all current vulnerability management revenue according to IDC, will improve the abilities of ITOps and SecOps teams to operationalize vulnerability management and more effectively remediate risks using SaltStack Protect. Additionally, SaltStack's direct integrations with risk-based vulnerability management (RBVM) vendors such as Tenable.io, using its Vulnerability Priority Rating (VPR), and Kenna Security, using its Risk Score, will streamline the remediation of critical vulnerabilities, therefore reducing the overall risk profile of an organization. 

"I'm responsible for maintaining a large environment that includes IT operations, security, and compliance. We have a limited team with varying degrees of skill and experience. Automating security and management tasks across these environments is the only way to ensure that we do not fall victim to vulnerabilities," said Robert Date, IT architect, Man Energy Solutions, a European producer of large-bore diesel engines and turbomachinery for marine and stationary applications. "Because of SaltStack and its ability to integrate with so many other systems, it's incredibly easy to connect all my enterprise assets and remediate any security vulnerabilities or compliance risks automatically."

SaltStack Enterprise 6.3 also introduces several features that enhance IT monitoring, response automation, and the SaltStack user experience to ensure that the challenges of Day 2 operations do not generate additional risk. These include a new performance and health dashboard coupled with a Prometheus-compatible metrics endpoint that allows users to dive into more than 25 SaltStack Enterprise metrics to execute any IT monitoring needs. Prometheus-compatibility means its data can easily be consumed by third-party tools such as Splunk, Datadog, and many others. Additionally, an official SaltStack Enterprise Splunk add-on has been added to Splunkbase, offering the ability to take automated actions from Splunk into SaltStack Enterprise when a critical event occurs.

Thomas Hatch, co-founder and chief technology officer at SaltStack said, "The new integrations represent an impactful collaboration with leaders in the infrastructure security space. By combining our innovative security and IT automation capabilities with cohesive technical integrations with our partners, SaltStack is able to continuously offer customers the best-in-class IT monitoring and vulnerability management solutions with the flexibility to operate seamlessly in any infrastructure or environment. SaltStack Enterprise is unique in this regard, as well as in its broad capacity to scan, prioritize, and remediate vulnerabilities automatically."