The Forge team at Puppet has been hard at work for the past few months building out a malware scanning framework in order to help folks be more proactive about their security posture. Now, to be clear, this doesn't replace your own security mitigations. You should still audit untrusted code. You should still run your own virus protections. There are many layers in a robust security profile, and this is only one of them.
Recently, I started to read the invaluable book Software Engineering at Google. It’s a great book by Google, describing their engineering practices across many different domains. One of the first chapters discusses the matter of making a “scalable impact,” which I find very interesting, and something that I believe has been overlooked by many organizations.
This is the second post in a four-part series on why Open Source Puppet users have made the decision to move to Puppet Enterprise. If you’re considering making this change, read on for pros and cons! As more and more businesses are moving from Open Source Puppet (OSP) to Puppet Enterprise (PE), they are experiencing multiple benefits. In this blog series, we’re exploring the biggest benefits we hear from customers about their experience moving from OSP to PE.