The winter release of Puppet Enterprise is now available. Puppet continues to build out its flagship product to help organizations scale DevOps initiatives, meet compliance requirements, and deliver on cloud and hybrid initiatives. With this release, we’ve focused on delivering key enhancements to help boost productivity, giving organizations the ability to automate faster and more securely at scale.
Security is essential. It’s top of mind for organizations of all sizes and it’s certainly a top priority for Puppet. The latest release of Puppet Enterprise 2021.0 now offers support for SAML 2.0 providing a more secure and efficient authentication path for our customers to access their Puppet environments, applications and tooling.
Our 2020 State of DevOps Report focuses on two areas that can help organizations scale their DevOps initiative: a platform approach to software delivery and applying DevOps principles to change management. We found that internal platform usage is widespread — 63 percent of respondents report their company has at least one self-service internal platform.
Security is paramount in today's digital world. Bad actors can use sensitive data to wreak havoc across thousands of machines in minutes if organizations do not have a solid cybersecurity strategy. Compliance requirements and regulations are increasingly calling for key management and strong encryption as part of a business's cybersecurity strategy. These are no longer optional but mandatory security requirements as DevOps also gains in popularity for agile development and application deployment.
Most of you are familiar with the roles and profiles method of writing and classifying Puppet code. However, the roles and profiles method doesn’t have to exist only in your control repository. In fact, as I’ve been developing Puppet code centered around compliance, I’ve found that adapting the roles and profiles method into a design pattern to Puppet modules makes the code more auditable, reusable, and maintainable!
Moving to the cloud brings benefits such as reduced infrastructure costs, increased scalability, and added redundancy. As your company takes advantage of the cloud, you may follow the trend to automate both the creation and destruction of cloud resources.
I’m really pleased to announce Puppet’s new Scaling DevOps Service, a pop-up consultancy inside Puppet designed to advise businesses on how to automate, streamline, and scale DevOps practices. This service was established as a result of conversations with dozens of customers who all stagnated in their DevOps evolution and turned to us for advice on how to scale that wall.
For Windows teams that adopt a DevOps approach, augmenting their native toolset (GPO, SCCM, PowerShell) can offer reliable and repeatable processes that successfully affect change. This quick overview highlights how Puppet Enterprise can complement existing Windows tools for better visibility and transparency across the automation processes.
The first two posts in our compliance blog series focused on managing compliance through automation. In this third post, we take a step back to explore a more foundational — but no less important — topic: What’s the difference between compliance and security? Is compliant infrastructure secure infrastructure? People often talk about compliance and security as though they’re one and the same.
SolarWinds' widely-used Orion IT platform has been the subject of a supply-chain compromise by an unidentified threat actor. The attack was discovered in December 2020, but it appears to have begun in March 2020 when the attacker used trojan malware to open a backdoor on SolarWinds customers around the world.
