Operations | Monitoring | ITSM | DevOps | Cloud

How Puppet supports desktop and laptop automation in a changing world

The world has changed since I started out on a help desk in Colorado 25 years ago. In those long ago years, a company’s desktop machines actually lived under the desks of many in the organization (and often doubled as a foot warmer!) and configuration was done machine by machine manually, or maybe even by some script that was created to run at login if we were lucky. If there were laptops in use by the business users, they were a lot less mobile and rarer than in today’s business world...

Features, the forgotten feature of Puppet

When you write enough Puppet code, you will eventually find yourself in need of a Facter fact or Puppet resource type that doesn’t exist in Puppet itself. Then, if you’re like me, you go to the Puppet Forge and see if someone else has written what you need. Oftentimes, you find what you need, add a new module to your Puppetfile or module metadata, and move on with your life.

How Puppet provides cyber security resilience to customers

You only have to read regular news reports about the multiple outages across household names in banking and financial services, resulting in customers being unable to access their bank accounts, to know that cyber security resilience has never been more important and is on every organization’s radar. The threat of regulatory action, heavy fines, and the potential loss of banking licenses is very real.

Puppet announces GSA listing, Carahsoft partnership

I’m excited to share Puppet’s increased commitment to government agencies through a new relationship with Carahsoft. Through this relationship, Puppet, the industry leader in infrastructure automation, will increase its availability of Puppet Enterprise on preferred government purchasing vehicles, like the General Services Administration (GSA) Schedule 70, NASA SEWP, and a number of other federal, state, and local contracts.

Don't let compliance & security haunt you: What to expect in an audit

It’s Cyber Security Awareness Month, and many IT professionals are being haunted by the thought of gearing up for a security and compliance audit. Preparing for an IT audit can take months of planning. It can be time-consuming, uncomfortable, and stressful. Guess what else takes a long time and can be uncomfortable and stressful? Creating a human!

Australian Government Essential 8

It seems that virtually every day, another threat to cybersecurity presents itself. In response to this ongoing concern, the Australian Cyber Security Centre has developed prioritized mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organizations protect themselves against various cyber threats.

A closer look at how Puppet's new Compliance Enforcement Modules work

Since we launched Puppet Comply last year, we’ve been working hard to build out the solution’s capabilities so that we can provide our customers with more options in implementing a continuous compliance program, and become more proactive and efficient in how they manage compliance. A key activity in any strong continuous compliance program is remediation.

Your lookback at Puppetize Digital 2021

Yet another Puppetize Digital is in the (online only) books. Our second annual virtual conference drew attendees from around the globe, bringing together the people at the center of automation. If you weren’t able to attend this year’s event live, worry not! You can watch the entire conference on-demand here. Read on for Puppetize highlights!

How to mitigate the 0-day Apache path traversal vulnerability with Puppet or Bolt

Apache has disclosed a critical actively exploited path traversal flaw in the popular Apache web server, version 2.4.49. This path traversal means that an attacker can trivially read the contents of any file on the server that the Apache process has access to. This could expose highly sensitive information, even as critical as the server's own private SSL certificates. See the Sonatype blog for more technical information on the vulnerability.