Hi, it’s me... Back again with something exciting: Puppet’s new Compliance Enforcement Modules, or CEMs. We’ve been working on some pretty cool stuff since we launched Puppet Comply last year. Lots of great feedback has come in, and we’re thankful for every opportunity we get to show our customers how we can help. This feedback comes in many forms, but one of the things we’ve heard time and time again is that achieving compliance is still hard.
We’ve all seen the headlines. It’s no secret companies are being forced to re-examine the employee experience and what the future of work will look like in a post-pandemic world. With the adaptation to remote work, the pandemic created a new normal—where office and home life are blended, and people became accustomed to more flexibility. Now that flexibility is a benefit people don’t want to lose.
If you've been using Let's Encrypt for a while, you may have noticed that their certificates are signed by a root certificate titled DST Root CA X3. That root certificate is set to expire in a few hours. Any certificates still signed by that root will no longer be valid. But luckily, that shouldn't form a problem for most Let's Encrypt users. For a while now, new SSL issuances by Let's Encrypt have issued certificates against DST Root CA X3 (the one that is about to expire) and ISRG Root X1.
Not so long ago, development teams working for the U.S. Department of Defense could take anywhere from three to ten years to deliver software. “It was mostly teams using waterfall, no minimum viable product, no incremental delivery, and no feedback loop from end users,” Nicolas M. Chaillan, Chief Software Officer of the U.S. Air Force, said in a CNCF case study. “Particularly when it comes to AI, machine learning, and cybersecurity, everyone realized we have to move faster.”