Security is essential. It’s top of mind for organizations of all sizes and it’s certainly a top priority for Puppet. The latest release of Puppet Enterprise 2021.1 now offers support for SAML 2.0 providing a more secure and efficient authentication path for our customers to access their Puppet environments, applications and tooling.

This blog is the first in a four-part series on infrastructure automation for government agencies that are modernizing digital systems while grappling with budget and staffing constraints and the challenges of COVID-19. The last 12 months have been a turning point for many government agencies. The COVID-19 pandemic has accelerated the drive towards modernization and, with it, the need to ensure security and compliance requirements across a host of legacy systems and processes.

As we look to continue to provide value to our Remediate customers, we focused on how we create simple and effective workflows in the product. Our customers have told us there are some really important quality of life features that would go a long way in helping reduce the pain and frustration of remediating vulnerabilities and enable them to better communicate with their security partners.

Relay has a substantial library of external services and tools — as of March 2021 there are 60 integrations in our Github organization. Each integration repo can contain multiple triggers, containers that receive webhook payloads from other services, and steps, which Relay executes to get stuff done in your workflow.

Today we’re proud to announce the general availability of Relay, a cloud-native workflow automation platform. We launched our public beta of Relay last June, and we’re now officially out of beta and open for business! We’ve been pretty busy during the beta period - early users have executed thousands of workflows, processed tons of events, and given us incredibly helpful feedback.

Whether you’re a current customer looking to expand across your Windows estate, or thinking of deploying Puppet across your infrastructure for the first time, we hope this blog post — based on real-world customer questions and problems — can help answer some of the questions you may have about Puppet.

Patching vulnerabilities can be daunting, especially if the information is confusing, and the process to deploy patches is long. There are going to be times where a zero day presents itself, and the vulnerability requires immediate action. Whether it’s a simple fix or not, the seriousness of some vulnerabilities can put organizations at risk. Deploying patches, especially for critical infrastructure, takes planning.

Take the 2021 State of DevOps Survey here. This year marks the 10-year anniversary of our industry-defining State of DevOps research. You’d think after 10 years that there wouldn’t be much more to say about DevOps, but practices and technologies continue to evolve, the best keep getting better, and we keep unearthing new topics to research.

I’ve got some exciting news! With the recent release of Puppet Comply 1.0.2, we’re providing the ability to assess Windows 2016 servers against DISA STIGs, required security standards for companies that do business with the U.S. Department of Defense. This new capability makes it drastically easier for organizations to assess and demonstrate compliance with DISA STIGs.