Portland, OR, USA
Jan 12, 2022   |  By David Sandilands
GitHub is in the process of improving Git protocol security by removing insecure DSA keys and legacy ciphers, updating requirements on RSA keys, and adding more secure key signature algorithms ECDSA and ED25519. On January 11, GitHub ran a planned brownout event day to shake out affected clients. Our team at Puppet discovered that many users of Code Manager and r10k were affected by this change.
Jan 6, 2022   |  By Michael Earls
Log4j, the popular open-source logging library, had a rough December and closed out the year with an impressive streak of four critical vulnerabilities so far. Many are calling this the worst cybersecurity event in history. Again, so far.
Dec 28, 2021   |  By John Laffey
Security compliance is the new black. Everyone is talking about it. Everyone is writing about it. Hopefully everyone is doing something about it, but it's a big lift for organizations. Compliance can mean adhering to departmental and company standards; it can mean well-defined regulatory standards like HIPAA, GDPR, and others. Compliance can mean adopting a standardized set of recommended protocols for cyber security. If compliance isn't on your radar right now, it should be.
Dec 22, 2021   |  By John Laffey
Users of Red Hat Satellite will see changes coming out with regard to how Satellite interacts with Puppet. Satellite has long bundled Puppet in the distribution, using Puppet both as the Satellite installer and for configuration management. Users also had the option to leverage Satellite as an External Node Classifier (ENC) for their Puppet estates. Red Hat acquired Ansible, an imperative configuration management tool, in late 2015.
Dec 21, 2021   |  By Ben Ford
Let's rip off the bandaid and get the bad news out there first: we're rolling out telemetry for Puppet content. Read on to find out why I think that's actually good news for you, how you can see exactly what data it collects, and how to make sure it never runs if your corporate policy doesn't allow it. And maybe a free beanie if you choose to opt in?
Dec 8, 2021   |  By Kimberly Carlos
It wouldn’t be Cybersecurity Awareness month without some spooky-themed blogs with language focused on Fear, Uncertainty, and Doubt (FUD). Luckily, it’s the end of November now, and this isn’t that kind of blog, but what was true in October is still true today. I won’t tell you that you need to be afraid of bad actors infiltrating your security defenses and wreaking havoc in your infrastructure. Why? Because you are likely stressed enough already. Don’t you think?
Dec 6, 2021   |  By Rachel Lew
Around the world, the pandemic tested the ability of governments to transform digitally in order to deliver uninterrupted services and to respond effectively to the demands of citizens, businesses, and global leaders in a time of crisis. From contact tracing to disbursing support packages to sharing best practices on how to contain the pandemic, governments needed to deliver these mission-critical services in a timely, secure, and compliant manner.
Nov 30, 2021   |  By Nikki McDonald
Have you heard about the Puppet Practice Labs? Our free, browser-based, hands-on labs cover a variety of topics for getting started with Puppet — everything from installing the primary server to identifying server roles using package data collection, and much, much more. You can read more about them in my previous blog post. We’ve designed Puppet Practice labs to make learning Puppet fun, engaging, and memorable for learners of all levels.
Nov 18, 2021   |  By Chris Lawrence
Nowadays, staff in organizations are required to access multiple applications in their infrastructure. This can lead to the user having to manage multiple login credentials and passwords. There are many solutions available that provide a single sign-on (SSO) capability — such as Okta, LDAP, and Active Directory — which is becoming common practice across businesses.
Nov 16, 2021   |  By Jerry Mozes
The world has changed since I started out on a help desk in Colorado 25 years ago. In those long ago years, a company’s desktop machines actually lived under the desks of many in the organization (and often doubled as a foot warmer!) and configuration was done machine by machine manually, or maybe even by some script that was created to run at login if we were lucky. If there were laptops in use by the business users, they were a lot less mobile and rarer than in today’s business world...
Nov 4, 2021   |  By Puppet
A successful platform is normally measured by adoption and usage — important metrics to track to ensure you’re serving your internal customers. From a business perspective, though, you also need to show that your platform delivers a worthy return on the investment your organization makes to build, run, maintain and evolve it.
Nov 4, 2021   |  By Puppet
In the Puppet Solutions Architect team we work closely with customers to examine existing processes and improve them through automation. We use a lightweight version of Event Storming that has proven to be very effective at reducing toil and applying automation effectively, and in this session, we will show you how you can use this technique yourself.
Nov 4, 2021   |  By Puppet
As we have seen, the world can change quickly. What you were working on yesterday may not be what you work on today. How do you adapt and be able to existentially flex, stay ahead, and deliver quickly. This session will look at how to do this by building composable solutions with APIs to integrate, connect, and automate various infrastructure operations. Leverage various cloud APIs to build high quality solutions through reusability and sharing for quicker time to delivery.
Oct 26, 2021   |  By Puppet
Deepak and Kelsey have a long history in a shared industry — they both worked at Puppet when it was still called Puppet Labs, and collaborated on some of the most exciting projects that made Puppet what it is today. Join Deepak and Kelsey for a fireside chat during which they’ll discuss the evolution of configuration management and automation, how their careers have overlapped and diverged, and what they envision for the future of cloud and ops.
Oct 1, 2021   |  By Puppet
In DevOps we are used to talking about application velocity. But velocity without a framework is short lived and potentially creates more risk than benefit. Code-to-Cloud visibility is the practice of making sure engineering teams have visibility across the entire SDLC in depth and breadth. With code-to-cloud visibility organizations understand the impact of application development from feature definition to it running in production.
Oct 1, 2021   |  By Puppet
The classic view we have on the CMDB is no longer sufficient. Having a static database of Configuration Items that is heavily guarded by a Change Management process, no longer suffices in a modern, agile, or cloud-native environment. A modern CMDB should be the heart of your automation journey, both being managed by your automation as well as feed information back to your platform via automation. This session will tackle how focusing your efforts on a good, lean CMDB with the necessary (automated) processes around it, can greatly increase your platforms growth, maintenance and agility.
Oct 1, 2021   |  By Puppet
A meme filled wander thru how and why we created PuppetDB clusters at Splunk.
Sep 13, 2021   |  By Puppet
An overview of Puppet's compliance enforcement solution, including Puppet Enterprise, Comply, and CEM. Puppet automates the process of configuring and maintaining CIS benchmark compliance across your environment: Windows and Linux, Cloud and on-prem.
Jul 28, 2021   |  By Puppet
Ever wondered how to manage your macOS resources with Puppet? Look no further! Using Jamf and Puppet means you have full control over your macOS fleet, available in the next version of Puppet Enterprise.
Jul 15, 2021   |  By Puppet
On today's episode, Kenaz tells Lauren the story of how Relay came to be, the problems it solves, and what the future use cases might look like as gives a demo of its features and functionality.
Jul 13, 2020   |  By Puppet
As organizations move along their digital transformation journey, they will encounter technical challenges and pitfalls along the way. While the destination offers many benefits, getting there can be hard. It takes experience and knowledge, along with technical expertise, to navigate this path to a more agile, flexible organization. Learn how to get there in this white paper.
Jul 13, 2020   |  By Puppet
A primary goal of most DevOps initiatives is to increase the speed and agility of software development and delivery. Unfortunately, this objective often seems to be at odds with good security practices, reducing the window of time for security assessment and introducing new attack vectors. But DevOps and security don't have to be mutually exclusive. In fact, the principles that drive good outcomes for software development can also lead to more secure infrastructure. Read the ebook for guidance on designing a DevOps workflow that incorporates - and enhances - security.
Jul 1, 2020   |  By Puppet
If you're managing an IT team, you may be turning to DevOps as the path to faster delivery of software. DevOps can help your team become more efficient - and your organization more competitive - but you'll need to be able to communicate to your team why things are changing and how their usual working practices are likely to alter. In this guide we tease out the whys and hows of DevOps as you work with your team and the approaches that make a DevOps initiative successful.
Jul 1, 2020   |  By Puppet
Speeding remediation reduces the cost of compliance and vulnerability of the IT estate. When looking for issues that slow remediation, notice the hand off from security to IT. Download this free resource to learn how the interaction between IT and Security can be improved to speed compliance.
Jun 1, 2020   |  By Puppet
With the proliferation of high-profile hacks, data breaches and ransomware, it's easy to feel insecure about your organization's security these days. But not all security issues have to do with purposeful hacks and attacks. For many IT teams, the challenge is maintaining strict rules and regulatory requirements for everything from credit card data to health information privacy. Failing to maintain compliance can put your organization at risk of everything from lost business to substantial fines - or worse.
Jun 1, 2020   |  By Puppet
With the right foundation and optimizations, your teams can successfully adopt continuous delivery practices - and deliver software faster, with fewer bugs and lower risk. If you're getting started with continuous delivery or evolving your approach, there are a few strategic considerations that can keep you on the right path.
May 1, 2020   |  By Puppet
In this paper, we talk about four common challenges to today's software delivery automation and discuss how you can overcome those challenges. Continuous delivery (CD) enables organizations to deliver quality software in record time, helping businesses meet rapidly growing and changing demands. As CD practices and tools have matured, more organizations and teams are beginning - or are well down the path of - their own journeys, using automation to speed up software delivery.
May 1, 2020   |  By Puppet
Are you looking to migrate from your on-premises data center to AWS - or to accelerate the process? Or would you like a simple and reliable way to manage your infrastructure and applications across all your environments? Puppet can help.

Puppet is driving the movement to a world of unconstrained software change. Our revolutionary platform is the industry standard for automating the delivery and operation of the software that powers everything around us.

It isn’t humanly possible to keep up with the constant innovation and risks that new technology brings. Automation has become a requirement, and Puppet sets the standard for delivering and managing your IT estate predictably and at scale. Our solutions automate how you continuously deliver, make compliant, remediate, and manage your multi-cloud environment. So you can focus on more important things in your life.

Use Cases:

  • Continuous Delivery: Ship more, do more with the right continuous delivery workflows and tools to increase your development and operations teams’ agility. They lower time to value of your infrastructure and the software it runs.
  • Continuous Compliance: The alphabet soup of regulatory standards and security best practices you try to comply with — and the associated penalties for not doing so — are no joke. Auditors expect your teams to implement and abide by operational, security, and regulatory policies 24/7, and to prove it when they show up.
  • Incident Remediation: With the proliferation of high-profile hacks, data breaches, and ransomware, it’s easy to feel insecure about your organization’s security. You have to protect your company like never before — particularly as your infrastructure grows and diversifies, presenting a broader surface for attackers.
  • Configuration Management: Are you spending more time fighting fires than deploying new, innovative services and applications? You are not alone. Most IT teams say it takes weeks, even months, to deploy critical applications. There’s got to be a better way to manage infrastructure. With automation, you eliminate manual work, minimize risk of human error, and make it possible to deploy fast, safely and reliably.

Make infrastructure actionable, scalable and intelligent.