Puppet rolls out new integrations for security and compliance
DevOps automation company Puppet Inc. today announced a number of new integrations during its Puppetize Digital 2021 virtual conference to support more automation through self-service at large scale and provide customers more security across hybrid infrastructures.
Announcements at Puppetize Digital included Compliance Enforcement Modules bundled into Puppet Comply, a new integration for ServiceNow Graph Connector Program for Puppet Enterprise and a new malware scanner feature for newly published modules on Forge.
With more new vulnerabilities reported every day Puppet has begun to focus on infrastructure security compliance across environments to allow teams to make the best decisions. Generating a culture of increased collaboration between teams requires greater visibility and automation for DevOps teams in native, cloud and hybrid environments.
Puppet Comply and Compliance Enforcement Modules
Puppet today announced Compliance Enforcement Modules for Puppet Comply, which will provide customers with turnkey compliance remediation and enforcement policies that work with Puppet Enterprise.
The Compliance Enforcement Modules system allows for the enforcement of policy-as-code configuration management aligned with the Center for Internet Security Benchmarks for both Windows and Linux. It delivers the baseline industry-agreed cybersecurity standard best practice for code configurations to ensure security compliance.
Right now compliance is something too many companies do with spreadsheets, Abby Kearns, chief technology officer of Puppet, told SiliconANGLE. It’s often a tedious, manual process that involves an individual checking off lines.
“If there’s anything we can automate, compliance should be the first thing we automate,” Kearns said. “This is something computers should definitely do for us.”
Failure to comply with regulatory standards can lead to failed audits or risk assessments. This alone can lead to massive fines or lost business. Being able to automate the ability to come into compliance means being able to do in minutes or hours what could take weeks or months with a manual process.
With Puppet Comply, Puppet has been investing in innovations that allow customers to rapidly identify the origins of compliance issues. This allows teams to rapidly make configuration changes to enforce policies that scale across environments.
“The need to automate policy and governance to manage infrastructure helps the infrastructure and operations team break free from reactive processes and puts them at the center of understanding what is out of compliance and how to fix it more easily and seamlessly,” said Kearns. “We’ve been developing solutions and technology in this space alongside our customers to help address current and future needs.”
Starting today, Compliance Enforcement Modules will allow Puppet customers to bring their infrastructure into compliance to decrease financial and security risk across the organization.
ServiceNow Graph Connector for Puppet
ServiceNow customers can quickly, easily and reliably ingest relevant and accurate data from Puppet-managed assets into ServiceNow’s configuration management database to make informed decisions about their hybrid cloud infrastructures.
Using the ServiceNow Graph Connector for Puppet will automate data collection and reporting for all ServiceNow products, tying together technology, people and processes into a service-oriented view. It’s a connected approach that assists with the automation of development and cloud operations and risk management.
“The importance of operating with accurate and correct real-time information across hybrid infrastructures is essential in accelerating the resilience of releases and IT projects,” said Molly Erdle, product manager at Puppet. “The incorrect mapping of configuration items or inaccurate data only leads to more complexity and, on occasion, financial loss.”
Administrators can now use the ServiceNow Platform to take advantage of Puppet-enabled actions, including restarting services to patching machines directly using the automation engine.
Forge module malware scanning
Puppet also has added a malware scanner feature to Forge, its module marketplace, that will automatically check newly published modules by the end of the year.
Developers spend tremendous amounts of time on code audits, reporting and correcting potential vulnerabilities in order to avoid potentially opening up systems to intrusion. Many companies do not allow the use of public code that has not been scanned – or sometimes audited by a third party – to prevent vulnerabilities.
The addition of Puppet’s new malware module scanning feature will add a more streamlined process for increasing the security profile of user-submitted modules in Forge.
“Puppet’s new module malware scanning on the Forge gives users peace of mind when it comes to selecting and consuming our modules,” says Ben Ford, product manager of Puppet’s Forge and Content Ecosystem. “This extra layer of protection improves trust in our content, benefits customers and open-source Puppet users, and encourages people to think and build more securely as they contribute to Puppet’s growing community.”
The rollout process for scanning will focus first on Supported modules, then Partner and Approved modules. By the end of the year, the feature will be available for all new releases of all community modules.
A message from John Furrier, co-founder of SiliconANGLE:
Show your support for our mission by joining our Cube Club and Cube Event Community of experts. Join the community that includes Amazon Web Services and Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger and many more luminaries and experts.
We really want to hear from you, and we’re looking forward to seeing you at the event and in theCUBE Club.