Puppet Enterprise Advanced Updated
April 23, 2025

Perforce Software announced the release of its latest platform update for Puppet Enterprise Advanced, designed to streamline DevSecOps practices and fortify enterprise security postures.

This release incorporates more advanced and proactive remediation options, allowing organizations to accelerate their response to security vulnerabilities by fostering greater collaboration between platform and security teams.

Puppet's latest platform update enables enterprises to rapidly address known vulnerabilities by integrating security remediation within core infrastructure workflows to accelerate responsiveness to identified threats. Embedding this capability into established processes gives operations and security teams a shared understanding of their security posture and automates critical remediation tasks to eliminate inefficient cross-functional handoffs.

"Vulnerabilities continue to increase, with around 40,000 known vulnerabilities in 2024. Because of this explosion in vulnerabilities, the mean time to remediate continues to increase, leaving companies extremely vulnerable to attacks. Enterprises must combat this by integrating security with infrastructure automation to shorten the vulnerability remediation cycle," said Tzvika Shahaf, Vice President of Product Management at Perforce. "Our new release empowers organizations to unlock a collaborative DevSecOps environment by shrinking the opportunity window for attackers. In future Puppet releases, the pace will quicken further with human-in-the-loop, AI-driven automation."

Puppet enables the platform team to support security initiatives to improve resiliency and reduce the MTTR (mean time to remediate). Lowering risk, improving efficiency, and reducing cost is accomplished by providing:

- Remediation of known vulnerabilities is streamlined by integration with leading security scanners. Tenable Nessus is included out-of-the box and other popular scanners are available via an extensible architecture and open API framework. Self-service workflows and cross-functional visibility break down siloes to eliminate efficiency bottlenecks and accelerate resolution.

- Patching workflows are managed directly in Puppet and benefit from an intuitive GUI interface. Support for maintenance and blackout windows ensures less business interruption while dynamic patching groups provide the operational efficiency necessary when managing extensive hybrid estates.

- Desired state enforcement ensures configurations remain continuously aligned with security policies. Remediation is automatic when discrepancies are identified along with the generation of documentation needed by auditors.

- Automatic alignment with popular security baselines via pre-built, reusable policy as code (PaC) modules ensuring the latest best practices are always being applied.

Share this

Industry News

May 15, 2025

GitLab announced the launch of GitLab 18, including AI capabilities natively integrated into the platform and major new innovations across core DevOps, and security and compliance workflows that are available now, with further enhancements planned throughout the year.

May 15, 2025

Perforce Software is partnering with Siemens Digital Industries Software to transform how smart, connected products are designed and developed.

May 15, 2025

Reply launched Silicon Shoring, a new software delivery model powered by Artificial Intelligence.

May 15, 2025

CIQ announced the tech preview launch of Rocky Linux from CIQ for AI (RLC-AI), an operating system engineered and optimized for artificial intelligence workloads.

May 14, 2025

The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the launch of the Cybersecurity Skills Framework, a global reference guide that helps organizations identify and address critical cybersecurity competencies across a broad range of IT job families; extending beyond cybersecurity specialists.

May 14, 2025

CodeRabbit is now available on the Visual Studio Code editor.

The integration brings CodeRabbit’s AI code reviews directly into Cursor, Windsurf, and VS Code at the earliest stages of software development—inside the code editor itself—at no cost to the developers.

May 14, 2025

Chainguard announced Chainguard Libraries for Python, an index of malware-resistant Python dependencies built securely from source on SLSA L2 infrastructure.

May 14, 2025

Sysdig announced the donation of Stratoshark, the company’s open source cloud forensics tool, to the Wireshark Foundation.

May 13, 2025

Pegasystems unveiled Pega Predictable AI™ Agents that give enterprises extraordinary control and visibility as they design and deploy AI-optimized processes.

May 13, 2025

Kong announced the introduction of the Kong Event Gateway as a part of their unified API platform.

May 13, 2025

Azul and Moderne announced a technical partnership to help Java development teams identify, remove and refactor unused and dead code to improve productivity and dramatically accelerate modernization initiatives.

May 13, 2025

Parasoft has added Agentic AI capabilities to SOAtest, featuring API test planning and creation.

May 13, 2025

Zerve unveiled a multi-agent system engineered specifically for enterprise-grade data and AI development.

May 12, 2025

LambdaTest, a unified agentic AI and cloud engineering platform, has announced its partnership with MacStadium(link is external), the industry-leading private Mac cloud provider enabling enterprise macOS workloads, to accelerate its AI-native software testing by leveraging Apple Silicon.

May 12, 2025

Tricentis announced a new capability that injects Tricentis’ AI-driven testing intelligence into SAP’s integrated toolchain, part of RISE with SAP methodology.