The Collaborative DevSecOps Automation Factory for Everyone
Dev, Sec, and Ops teams can innovate collaboratively, building modern security-first automation
Sophos Factory allows your teams to automate anything. It operates as a DevSecOps factory where your entire IT stack becomes software, also known as IT as code. Like a factory, pipelines can be used as building blocks to create repeatable solutions that work much like an IT assembly line. These solutions can be run in easy-to-consume automation that tech teams can support in a collaborative responsibility model and iterate quickly to the business needs and minimize security risk.
Sophos is bringing automated solution delivery to Air Force use cases in compliance, container security, and realizing security in DevSecOps.
Sophos is working with Platform One to help reduce tool and content sprawl while also enabling all warfighters to take part in the DevSecOps process.
Vendors are automatedly re-certifying with CIS-CAT against the newest CIS benchmarks.
What is DevSecOps?
DevSecOps stands for development, security, and operations. It’s a holistic, agile approach to culture, automation, and platform design that integrates security as a collaborative responsibility throughout the entire IT as code lifecycle.
Rooted in DevOps and agile software development methods, Sophos Factory combines tools, teams, and practices to standardize, secure, and reuse IT as code pipelines. It enables you to build modern solutions through collaborative automation, empowering Dev, Sec, and Ops teams to build upon accumulated knowledge efficiently.
Use Cases
SOAR and Incident Response
SOAR and Incident Response
Effective incident response requires rapid action. With out-of-the-box prebuilt pipelines enabling many actions and integrations, Sophos Factory allows you to rapidly build pipelines to respond to security events by effortlessly tying together disparate technology and saving that pipeline for later use. See a new security event? Swiftly adjust the pipeline on the fly to speed up response time and ensure future events are effectively mitigated.
Ecosystem
Sophos Factory works with industry-leading partners to make automation accessible across your environment through pre-built DevSecOps pipelines published to solutions catalogs.
Jobs
Trigger your pipelines via jobs that control the data flow into your pipeline and enable a user to kick off a pipeline manually or setup on a schedule. For more sophisticated jobs, we enable interoperability to other systems through incoming webhooks, CLI tool, JavaScript API client, GitHub Action, or even develop directly against the Sophos Factory API.
Incoming webhooks support interoperability to other systems, and we include the following presets with many more coming:
Modules
Kickstart your DevSecOps journey by browsing pre-built automation content directly from the Sophos Factory solution catalogs or customize each pipeline with an extensive and growing list of step modules.
Utilities
Built-in
Pause
Built-in
Debug Message
Built-in
Set Variables
Built-in
Write File
Built-in
HTTP Request
Built-in
Conditional Gate
Built-in
Assert
Built-in
Credential
Secrets Management
Hashicorp
Vault
Source Control
Git
Git Clone
Cloud Infrastructure
Microsoft Azure
Resource Group
Microsoft Azure
ARM Template
Microsoft Azure
Azure CLI
Google Cloud
GCP Template
Amazon Web Services
AWS CloudFormation
Amazon Web Services
AWS CLI
Hashicorp
Terraform
Config Management
Red Hat
Ansible Playbook
Compliance Assessment
OpenSCAP
OpenSCAP Scanner
CIS-CAT
CIS-CAT Assessor
Container Tools
Docker
Docker Build & Push
Scripts
Local
Shell Script
Python
Python Script
Node.js
Node.js Script
Microsoft
PowerShell Script
Go Executor
Kubernetes
Kubernetes
kubectl
Helm
Helm Chart
Helm
Helm CLI
Vulnerability Scanners
BridgeCrew
Checkov
Accurics
Terrascan
SonarSource
SonarScanner
Container Security
Aqua Security
Trivy
Tool Installers
Tool Installer
Install Node.js
Tool Installer
Install Java
Tool Installer
Install Go
Tool Installer
Install Python
Community Edition
Sophos Factory’s community edition allows two users to take advantage of one runner and three projects at no cost.
Sophos Factory’s community edition allows two users to take advantage of one runner and three projects at no cost. Community edition users are additionally entitled to two-week run retention of data, limited SLA, and email support. Features include:
Command line interface
The DevOps-friendly CLI running alongside the graphical pipeline builder allows DevOps and cybersecurity teams to collaborate on the same platform together, using tools they are already familiar with.
Virtual machine runners
The platform now provides cloud-hosted virtual machine runners, enabling running arbitrary Docker containers in pipeline steps. This addition allows more users to bring their existing solutions into the platform with minimal friction.
Tool installers
New “tool installer” step modules automatically install automation tools onto the pipeline runner behind the scenes. This feature eliminates custom setup steps to install or upgrade/downgrade tool installations before running pipelines. Supported tools include Python, Node.js, PowerShell, Ansible, Terraform, Vault, CIS-CAT Assessor, Azure/AWS CLIs, kubectl, Helm, and more.
Credential integrations
Users can now more easily integrate with external secrets management systems by “importing” secrets into Sophos Factory’s streamlined credential system at runtime. This feature enables deeper integration with popular key stores, such as HashiCorp Vault. It is also a highly secure pipeline execution, where secrets only exist within Sophos Factory’s isolated ephemeral runners on an as needed basis.
