Ops tools for hardening your infrastructure

Adobe Systems is leveraging SaltStack for full system auditing, reporting and compliance. This presentation outlines how Adobe leveraged SaltStack for FedRamp compliance and the custom tools and modules we've created for SOC-2 and beyond. Internally the project is codenamed "Argos" and includes components for HIDS, FIM and CIS compliance auditing. We've also extended the auditing to include osquery integration, allowing SQL-like querying capabilities across the entire datacenter. We are now able to query the datacenter in real-time for security threats, compliance auditing and generate reports via data returned to Splunk.