Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
CMMC Requirements for 2026: How to Stay CMMC 2.0 Compliant & Prove Maturity at Any Level
CMMC requirements have been shifting recently, with a new version of the Cybersecurity Maturity Model Certification (CMMC 2.0) and distinct levels requiring distinct controls. Mandatory for practically any organization doing business with the US Department of Defense (DoD), CMMC is unavoidable all along the DoD’s supply chain.
AI in DevOps: How MCP and Puppet Are Changing Infrastructure Automation
AI adoption in DevOps is accelerating, but trust, accuracy, and real-world usability still matter. In this conversation, Jason St-Cyr sits down with Jessica Gao, Product Manager at Puppet, to unpack how AI is actually being used in infrastructure and operations teams today, and what’s changed over the last 12–18 months. They dive into why enterprises are moving past generic code generation tools and toward domain-specific, MCP-powered AI that integrates directly into existing workflows.
From Abstract Risk to Real Impact: Why Security Is Everyone's Job
It is 2:13 a.m. A mobile alert fires due to elevated error rates on a customer facing API. You jump in. Metrics show a spike in auth failures. The service was not deployed recently. The code appears unchanged. But something is different.
Making the Case for Vendor-Backed Puppet Core
Thousands of organizations rely on open source community builds for infrastructure automation. But if you're tasked with certifying, maintaining, and patching those builds yourself, you know the burden firsthand. The reality is that managing open source internally consumes time, introduces risk, and diverts resources from higher-value initiatives. When critical vulnerabilities emerge, your team scrambles to assess, test, and deploy fixes, all while keeping production environments stable.
Agent vs. Agentless: What is better for Infrastructure Management?
The “agent vs agentless” debate usually comes up when teams are trying to choose an infrastructure automation approach that will not compromise security, compliance, or impact day-to-day operations. You need to manage a hybrid estate, avoid creating more work for already stretched teams, and ideally do it without stitching together multiple tools. That pressure often turns the conversation into a binary choice: which approach is better?