Puppet Comply Introduced
October 22, 2020

Puppet announced Puppet Comply, a new product built to work with Puppet Enterprise aimed at assessing, remediating, and enforcing infrastructure configuration compliance policies at scale across traditional and cloud environments.

Now, with Puppet Comply and Puppet’s compliance service offerings, enterprises can drive continuous compliance across multiple frameworks including Center for Internet Secruity (CIS) benchmarks.

The average cost for organizations that experience non-compliance is upwards of $14.82 million, a 45 percent increase from 2011, making it a larger and more noticeable pain point for CIOs and CTOs. With an increase in regulatory standards over the past several years, maintaining compliance to pass audits and to maintain costs has become more complex.

Puppet’s product and service solution not only speeds up the ability to find compliance issues but also continually fixes these issues across an organization’s infrastructure to ensure enterprises do not cut corners when it comes to compliance, while maintaining fiscal responsibility. And organizations are using this technology today. For examples, a large bank’s Cloud Ops team was able to improve their compliance score from 50 percent to 92 percent through Puppet’s compliance use case.

“In today’s enterprise, CIOs are responsible for a myriad of competing priorities - from increased agility mandates and accelerating time to market to addressing security and compliance concerns before they impact customer trust,” said Abby Kearns, CTO at Puppet. “Of these priorities, compliance is all too often deemed an inhibitor of delivering features faster. With Puppet Comply, CIOs no longer need to pick compliance over innovation or speed, but instead can automate their compliance without impacting agility objectives.”

By scanning infrastructure against industry benchmarks, Puppet Comply addresses a wide variety of compliance needs, including:

- Desired and enforced state: Puppet Enterprise’s desired state expertise is leveraged through Puppet Comply, helping organizations apply and continually enforce compliant configurations across their infrastructure. Puppet Comply makes it significantly easier to ensure estate-wide compliance with CIS benchmarks, all with less overhead and manual work.

- Increased visibility: ITOps teams can now run their own compliance scans to determine which controls are passing or failing per node, providing teams with a holistic view of compliance status across their infrastructure. These scans make it quick and easy to identify the cause of compliance failures.

- Efficient auditing: Puppet Comply generates easy-to-read reports, providing the necessary insight to managers and leaders as well as proof of compliance status to auditors.

- Complete compliance through content: The services team at Puppet helps enterprises find compliance issues and builds content to fix these issues using the company’s best practices to save the team hours of time. Organizations who implement compliance protocols through Puppet Enterprise spend 76% less time fixing security and compliance issues and more time on innovating.

“The work required to ensure infrastructure compliance in order to pass audits is painstaking and time-consuming, particularly in organizations with large and complex infrastructure,” said Alex Hin principal product manager at Puppet. “Additionally, most security and ITOps teams work in silos, with disparate tools and priorities. Puppet Comply ensures ITOps teams have the tools and resources they need to proactively manage compliance without disrupting, or duplicating, the security team’s workflow.”

Share this

Industry News

December 02, 2020

Amazon Web Services (AWS), an Amazon.com company, announced Amazon DevOps Guru, a fully-managed operations service that uses machine learning to make it easier for developers to improve application availability by automatically detecting operational issues and recommending specific actions for remediation.

December 02, 2020

Salesforce and Slack Technologies have entered into a definitive agreement under which Salesforce will acquire Slack.

December 02, 2020

Kasten by Veeam announced Kasten K10 v3.0.

December 02, 2020

Mattermost announced the launch of Mattermost Cloud, a new SaaS platform that is designed to optimize collaboration for DevOps teams and privacy-conscious enterprises.

December 01, 2020

CloudBees announced a virtual launch event on December 10 to formally release the first two modules of its Software Delivery Management solution: CloudBees Engineering Efficiency and CloudBees Feature Management.

December 01, 2020

GitOps creator Weaveworks announced the availability of release 2.4 of Weave Kubernetes Platform (WKP).

December 01, 2020

Adaptavist has joined the Sonatype partner program as a Platinum Enterprise Partner.

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.