VMware has acquired SaltStack as part of an effort to unify IT and security operations management. The announcement was made during the online VMworld 2020 conference this week.
SaltStack has developed an open source IT automation platform to automate IT operations. In recent months it has been extended to also address security and compliance management.
At the same time, VMware released a bevy of updates to its security portfolio, including VMware Carbon Black Cloud Workload. That offering combines vulnerability reporting with workload hardening software for both legacy platform and microservices-based applications deployed on Kubernetes clusters. It also includes elements of AppDefense, which VMware developed to harden workloads running on VMware vSphere platforms.
VMware also announced VMware NSX Advanced Threat Prevention, which combines NSX Distributed IDS/IPS with malware detection software and network traffic analysis (NTA) technologies acquired from Lastline Inc.
Finally, VMware announced it has committed to reselling a secure web gateway from Menlo Security as part of the VMware SD-WAN portfolio and formed an alliance with Zscaler to manage security as a service.
SaltStack provides VMware with an IT automation framework that can be applied across multiple clouds running virtual machines and containers. The current vRealize IT automation framework is optimized for instances of VMware vSphere.
Tom Corn, senior vice president for the Security Business Unit for VMware, said VMware’s entire approach to security is predicated on making it easier for IT operations teams rather than cybersecurity professionals to implement security controls. There are simply not enough cybersecurity professionals available to implement cybersecurity controls when DevOps teams are rolling out and updating application workloads multiple times a week, he said.
Cybersecurity teams will continue to define what controls will need to be put in place, but it will be left to the IT operations teams to implement those controls in much the same way responsibility for application security is now also being shifted left as part of best DevSecOps practices.
Corn said it’s clear IT security is a team sport that requires greater collaboration among IT operations teams, developers and cybersecurity professionals. VMware has been investing in security technologies with an eye toward making it easier for IT operations teams to automate security operations in much the same way any other IT task is being automated, he noted.
That convergence isn’t going to occur overnight. There are many challenges including culture. Many cybersecurity professionals view IT operations and developers as being equally responsible for many of the root causes of a cybersecurity breach. It may be a while before cybersecurity teams have enough confidence in the ability of IT administrators and developers to proactively address cybersecurity issues before and after applications are deployed in production environments.
Of course, there’s no alternative. The days of waiting two months or more for a security review as part of a waterfall development process are over. Security, like it or not, needs to become as agile as the rest of IT.