What is our primary use case?
We are using SaltStack SecOps for a rather large fleet of VMs that include a mixture of both Linux and Windows, with many different OS versions for each. It is used to view the compliance of the systems within our infrastructure.
This product brings all of the rich data that it collects under once central view. It makes the remediation of compliance or security issues quick and easy to understand. Being able to see this data allows us to be agile and we are able to make changes on a massive scale, thus reducing the manpower needed to implement changes.
How has it helped my organization?
SaltStack has given us the ability to deal with systems at scale and rectify issues at scale. This, along with the fact that SaltStack is a event engine, allows teams to be able to to creatively attack problems and view problems within our infrastructure.
The SecOps product allows us to see where there may be issues, what a current patch level may be at, and what the recommended patch is.
As far as compliance, SecOps is able to reduce the time it takes us to verify our systems are compliant with policy.
What is most valuable?
The most valuable feature is the ability to see both compliance and vulnerabilities in a dashboard view. Being able to see that data in one place is a real game-changer. This, along with the rich metadata from our systems allows us to be able to drill down to very specific facts about each and every system. With this level of insight, we are able to make changes both at scale as well as at an individual system or application level.
SaltStack SecOps has the ability to react to events and also allows us to start reacting automatically to issues that might be in that infrastructure.
What needs improvement?
SaltStack is still growing, and so there are still those growing pains.
Sometimes in order to get the functionality you want, you need to update to the latest and greatest of the software. For companies that traditionally like to wait for bugs to be found, this can be a bit painful. Most of the downsides are because the product is growing and is becoming more and more useful, so I can't complain too much about that. It's evident that SaltStack is listening to it's customers and wants to create a fully functional piece of software.
For how long have I used the solution?
We have been using SaltStack for three months.
What do I think about the scalability of the solution?
This product seems to handle our scale issues so far.
How are customer service and technical support?
From our experience, there are not very many issues that we've found with the product in of itself. I'm sure that as we need to scale out, there may be some help/guidance that we need to inquire of support/professional services, but I'm confident that those groups within SaltStack will be able to provide the guidance that is needed to be successful.
Which solution did I use previously and why did I switch?
Prior to this, we used Puppet/SaltStack open-source. The Puppet solution had scale issues, and SaltStack Open Source didn't have the SecOps product
Which other solutions did I evaluate?
We did not evaluate other options before choosing this solution.
What other advice do I have?
SaltStack, when viewed in the light that it is an event engine, is a very powerful tool.
Which deployment model are you using for this solution?