The Collaborative DevSecOps Automation Factory for Everyone

Dev, Sec, and Ops teams can innovate collaboratively, building modern security-first automation

Sophos Factory allows your teams to automate anything. It operates as a DevSecOps factory where your entire IT stack becomes software, also known as IT as code. Like a factory, pipelines can be used as building blocks to create repeatable solutions that work much like an IT assembly line. These solutions can be run in easy-to-consume automation that tech teams can support in a collaborative responsibility model and iterate quickly to the business needs and minimize security risk.

Sophos is bringing automated solution delivery to Air Force use cases in compliance, container security, and realizing security in DevSecOps.

Sophos is working with Platform One to help reduce tool and content sprawl while also enabling all warfighters to take part in the DevSecOps process.

Vendors are automatedly re-certifying with CIS-CAT against the newest CIS benchmarks.

What is DevSecOps?

DevSecOps stands for development, security, and operations. It’s a holistic, agile approach to culture, automation, and platform design that integrates security as a collaborative responsibility throughout the entire IT as code lifecycle.

Rooted in DevOps and agile software development methods, Sophos Factory combines tools, teams, and practices to standardize, secure, and reuse IT as code pipelines. It enables you to build modern solutions through collaborative automation, empowering Dev, Sec, and Ops teams to build upon accumulated knowledge efficiently.

Use Cases

SOAR and Incident Response

Compliance

Cloud Security

App Security

Network Automation

Infrastructure Automation

SOAR and Incident Response

Effective incident response requires rapid action. With out-of-the-box prebuilt pipelines enabling many actions and integrations, Sophos Factory allows you to rapidly build pipelines to respond to security events by effortlessly tying together disparate technology and saving that pipeline for later use. See a new security event? Swiftly adjust the pipeline on the fly to speed up response time and ensure future events are effectively mitigated.

Ecosystem

Sophos Factory works with industry-leading partners to make automation accessible across your environment through pre-built DevSecOps pipelines published to solutions catalogs.

Jobs

Trigger your pipelines via jobs that control the data flow into your pipeline and enable a user to kick off a pipeline manually or setup on a schedule. For more sophisticated jobs, we enable interoperability to other systems through incoming webhooks, CLI tool, JavaScript API client, GitHub Action, or even develop directly against the Sophos Factory API.

Incoming webhooks support interoperability to other systems, and we include the following presets with many more coming:

Modules

Kickstart your DevSecOps journey by browsing pre-built automation content directly from the Sophos Factory solution catalogs or customize each pipeline with an extensive and growing list of step modules.

Utilities

Built-in
Pause

Built-in
Debug Message

Built-in
Set Variables

Built-in
Write File

Built-in
HTTP Request

Built-in
Conditional Gate

Built-in
Assert

Built-in
Credential

Secrets Management

Hashicorp
Vault

Source Control

Git
Git Clone

Cloud Infrastructure

Microsoft Azure
Resource Group

Microsoft Azure
ARM Template

Microsoft Azure
Azure CLI

Google Cloud
GCP Template

Amazon Web Services
AWS CloudFormation

Amazon Web Services
AWS CLI

Hashicorp
Terraform

Config Management

Red Hat
Ansible Playbook

Compliance Assessment

OpenSCAP
OpenSCAP Scanner

CIS-CAT
CIS-CAT Assessor

Container Tools

Docker
Docker Build & Push

Scripts

Local
Shell Script

Python
Python Script

Node.js
Node.js Script

Microsoft
PowerShell Script

Google
Go Executor

Kubernetes

Kubernetes
kubectl

Helm
Helm Chart

Helm
Helm CLI

Vulnerability Scanners

BridgeCrew
Checkov

Accurics
Terrascan

SonarSource
SonarScanner

Container Security

Aqua Security
Trivy

Tool Installers

Tool Installer
Install Node.js

Tool Installer
Install Java

Tool Installer
Install Go

Tool Installer
Install Python

Community Edition

Sophos Factory’s community edition allows two users to take advantage of one runner and three projects at no cost.

Sophos Factory’s community edition allows two users to take advantage of one runner and three projects at no cost. Community edition users are additionally entitled to two-week run retention of data, limited SLA, and email support. Features include:

Command line interface

The DevOps-friendly CLI running alongside the graphical pipeline builder allows DevOps and cybersecurity teams to collaborate on the same platform together, using tools they are already familiar with.

Virtual machine runners

The platform now provides cloud-hosted virtual machine runners, enabling running arbitrary Docker containers in pipeline steps. This addition allows more users to bring their existing solutions into the platform with minimal friction.

Tool installers

New “tool installer” step modules automatically install automation tools onto the pipeline runner behind the scenes. This feature eliminates custom setup steps to install or upgrade/downgrade tool installations before running pipelines. Supported tools include Python, Node.js, PowerShell, Ansible, Terraform, Vault, CIS-CAT Assessor, Azure/AWS CLIs, kubectl, Helm, and more.

Credential integrations

Users can now more easily integrate with external secrets management systems by “importing” secrets into Sophos Factory’s streamlined credential system at runtime. This feature enables deeper integration with popular key stores, such as HashiCorp Vault. It is also a highly secure pipeline execution, where secrets only exist within Sophos Factory’s isolated ephemeral runners on an as needed basis.