This two-day, hands-on training course provides you with the advanced knowledge, skills, and tools to achieve competency in using VMware vRealize Automation SaltStack SecOps. SaltStack SecOps allows you to scan your system for compliance against security benchmarks, detect system vulnerabilities, and remediate your results. This course enables you to create the SaltStack SecOps custom compliance libraries and use SaltStack SecOps. In addition, this course provides you with the fundamentals of how to use VMware vRealize Automation SaltStack Config to install software and manage system configurations.


* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

By the end of the course, you should be able to meet the following objectives:
Describe the architecture of SaltStack Config and SaltStack SecOps
Integrate SaltStack Config with directory services.
Configure roles and permissions for users and groups to manage and use SaltStack SecOps
Use targeting to ensure that the jobs run on the correct minion systems
Use remote execution modules to install the packages, transfer files, manage services, and manage users on minion systems
Manage configuration control on the minion systems with states, pillars, requisites, and declarations
Use Jinja and YAML code to manage the minion systems with the state files
Enforce the desired state across minion systems automatically
Use SaltStack SecOps to update the compliance and vulnerability content libraries
Use SaltStack SecOps to enforce compliance and remediation on the infrastructure with industry standards
Use SaltStack SecOps to provide automated vulnerability scanning and remediation on your infrastructure

  • Course Introduction

  • Introductions and course logistics
    Course objectives

  • SaltStack Config Architecture

  • Identify the SaltStack Config deployment types
    Identify the components of SaltStack Config
    Describe the role of each SaltStack Config component

  • SaltStack Config Security

  • Describe local user authentication
    Describe LDAP and Active Directory authentication
    Describe the roles and permissions in vRealize Automation for SaltStack Config
    Describe the roles and permissions in SaltStack Config
    Describe the SecOps permissions in SaltStack Config
    Describe the advanced permissions available in SaltStack Config

  • Targeting Minions

  • Describe targeting and its importance
    Target minions by minion ID
    Target minions by glob
    Target minions by regular expressions
    Target minions by lists
    Target minions by compound matching
    Target minions by complex logical matching

  • Remote Execution and Job Management

  • Describe remote execution and its importance
    Describe functions and arguments
    Create and manage jobs
    Use the Activities dashboard

  • Configuration Control Through States, Pillars, Requisites, and Declarations

  • Define the SaltStack states
    Describe file management in SaltStack Config
    Create the SaltStack state files
    Identify the components of a SaltStack state
    Describe pillar data and the uses of pillar data
    Configure pillar data on the SaltStack Config master server
    Use pillar data in variables in the state files
    Describe the difference between IDs and names in the state files
    Use the correct execution order
    Use requisites in the state files

  • Using Jinja and YAML

  • Describe the SaltStack Config renderer system
    Use YAML in the state files
    Use Jinja in the state files
    Use Jinja conditionals, lists, and loops

  • Using SaltStack SecOps Comply

  • Describe the SaltStack SecOps Comply architecture
    Describe CIS and DISA STIG benchmarks
    Describe the SaltStack SecOps Comply security library
    Describe the remediation differences between SaltStack SecOps and VMware Carbon Black®
    Create and manage the policies
    Create and manage the custom checks
    Run assessments on the minion systems
    Use SaltStack SecOps to remediate the noncompliant systems
    Manage the SaltStack SecOps Comply configuration options
    Manage the benchmark content ingestion

  • Using SaltStack SecOps Protect

  • Describe Common Vulnerabilities and Exposures (CVEs)
    Use the Protect dashboard
    Create and manage the policies
    Update the vulnerability library
    Run the vulnerability scans
    Remediate the vulnerabilities
    Manage the vulnerability exemptions


Security administrators who are responsible for using SaltStack SecOps to manage the security operations in their enterprise will benefit from this course.




You should have the following understanding or knowledge: Basic Linux administration skills Basic Windows administration skills Knowledge and working experience of VMware vSphere® environments


Length: 2.0 days (16 hours)


Not Your Location? Change

Course Schedule:

Schedule select
9:00 AM CT -
5:00 PM CT
Filling Fast