Operations | Monitoring | ITSM | DevOps | Cloud

Python is deeply embedded in modern infrastructure, but many organizations continue to run outdated Python across critical systems. Sticking with older runtimes may seem harmless, but it quickly piles up technical debt as teams spend more time maintaining fragile code and applying workarounds. Over time, that debt translates into a high financial drain.

IT compliance is a broad discipline that ensures your organization’s systems operate in line with privacy, security, and regulatory expectations. Security and compliance teams use technical controls and automation to monitor, correct, and maintain compliance across the entire IT estate. Without a solid IT compliance management strategy, your organization faces elevated risks, from security breaches and downtime to financial penalties and legal consequences.

Puppet Edge Workflows, available with Puppet Enterprise Advanced, provide the orchestration tools to define multistep workflows to run against your infrastructure. This allows Puppet experts to create workflows that Ops teams can run without having deep Puppet language knowledge or the underlying infrastructure.

Over the course of 2025, the Puppet Core team has been committed to developing secure, hardened Puppet code that our customers can rely on. As part of that shift, many Puppet platform components, including Facter, were brought under the Puppet Core model and were moved into private repositories.

In early October, Red Hat disclosed a breach of a GitLab system used by its Consulting division. Threat actors claim to have exfiltrated hundreds of gigabytes of project data — and while investigations are still underway, reports suggest consulting engagement artifacts may have been impacted. For the organizations involved, the concern isn’t limited to reputational damage.

When thinking about imperative infrastructure commands and Day 0 tasks for provisioning infrastructure, Ansible is an oft-mentioned tool that has been popular among practitioners for its easy YAML syntax and agentless architecture. You might have used Ansible to get your infrastructure started or for other “one-and-done” infrastructure automation scenarios.

Whether you are an all-in vibe coder or AI skeptic, you probably know that most software developers are now incorporating AI into their day-to-day process.

Infrastructure teams manage not only servers and cloud resources, but also complex network environments. Routers, switches, and firewalls…often from multiple vendors with many models and versions. The devices require a consistent configuration and strict compliance enforcement to meet enterprise requirements.

Infrastructure automation is evolving… and so is Puppet! While Puppet has long been known for its strength in Day 2 operations through agent-based desired state configuration, Puppet also extends across Day 0 and Day 1 tasks. With Puppet Edge, you can target network devices alongside your existing infrastructure, enabling your teams to manage more scenarios, more devices, and more workflows. All from a single platform.

The launch of Puppet Edge this week could not have been more timely. Within a day of its general availability, Cisco disclosed a vulnerability in its IOS and IOS XE software, followed almost immediately by an Event Response detailing two additional critical-severity CVEs affecting its firewalls.