Researchers have identified a template injection technique against the open source SaltStack IT configuration and orchestration platform, as well as common misconfiguration issues, which could allow attackers to gain over organization’s network. Salt is open source software for automating networking and security functions based on events and specific configurations, similar to Puppet or Ansible.
Read full article on Dark Reading: Cloud