The Forge team at Puppet has been hard at work for the past few months building out a malware scanning framework in order to help folks be more proactive about their security posture. Now, to be clear, this doesn't replace your own security mitigations. You should still audit untrusted code. You should still run your own virus protections. There are many layers in a robust security profile, and this is only one of them.

It can be challenging to manage enterprise infrastructure across hybrid cloud and on-premises environments with accurate and timely tracking asset details — especially if you don't know what you have. The more systems deployed, the more visibility is necessary for your IT operations teams to meet critical business Service Level Agreements successfully.

Hi, it’s me... Back again with something exciting: Puppet’s new Compliance Enforcement Modules, or CEMs. We’ve been working on some pretty cool stuff since we launched Puppet Comply last year. Lots of great feedback has come in, and we’re thankful for every opportunity we get to show our customers how we can help. This feedback comes in many forms, but one of the things we’ve heard time and time again is that achieving compliance is still hard.

This is the second post in a four-part series on why Open Source Puppet users have made the decision to move to Puppet Enterprise. If you’re considering making this change, read on for pros and cons! As more and more businesses are moving from Open Source Puppet (OSP) to Puppet Enterprise (PE), they are experiencing multiple benefits. In this blog series, we’re exploring the biggest benefits we hear from customers about their experience moving from OSP to PE.

Today, it’s difficult to compile a list of all the managed infrastructure you have across your global estate. It’s even more difficult to collect all of the properties and values that make up that infrastructure, such as operating systems, enterprise licenses, networks, disks, mount points, data centers, regions, patch states, hypervisors, and so much more. Nevertheless, it’s ever more critical to have this information at your fingertips.

The Puppet Developer Kit was launched in 2017 to help our users develop high quality modules faster and over the years, it has seen regular development towards that goal. It was designed to be a single install that would provide everything you needed to write, lint, test and publish a Puppet module — and for the most part, that's what it did.

This past June, Puppet launched Puppet Practice Labs — free, hands-on, interactive tutorials you work through right in your browser — no downloads required. We launched with four step-by-step how-tos on using Puppet Enterprise and Bolt. Feedback was overwhelmingly positive. The biggest request we heard? More, please. Good news! We have a whole slew of new Puppet Practice Labs in development. We want to give you a sneak peek, but there’s a catch.

This is the first post in a four-part series on why Open Source Puppet users have made the decision to move to Puppet Enterprise. If you’re considering making this change, read on for pros and cons! As more and more businesses are moving from Open Source Puppet (OSP) to Puppet Enterprise (PE), they are experiencing multiple benefits. In this blog series, we’re exploring the biggest benefits we hear from customers about their experience moving from OSP to PE.