Puppet Releases Remediate 2.0
As we look to continue to provide value to our Remediate customers, we focused on how we create simple and effective workflows in the product. Our customers have told us there are some really important quality of life features that would go a long way in helping reduce the pain and frustration of remediating vulnerabilities and enable them to better communicate with their security partners.
We are thrilled to announce the release of Puppet Remediate 2.0. This release is a culmination of months of work to bring more clarity in how you can consume data from Tenable.io and Qualys, as well as being able to augment the existing data with additional metadata. With this release, remediation teams and security teams can now view and talk about the nodes with consistency, making it easier to prioritize and contextualize remediation actions.
When Puppet Remediate 1.4 was released last year, we introduced an integration with Puppet Enterprise which gave users access to a common automation workflow. This gives you an additional way of executing remediation tasks by leveraging the Puppet Agent rather than relying on SSH or WinRM. With the integration into Puppet Enterprise, you won’t have to worry about storing credentials for remote access. The option is still available for you if you want to go with that route, but having the Puppet Agent execute the tasks simplifies the entire process.
The value included in Puppet Remediate 2.0
With Puppet Remediate 2.0, we are bringing in node tagging in two forms.
Context and Priority
You are now able to tag nodes within Puppet Remediate in order to group the nodes in a way that makes sense to your operations. It’s important to be able to slice and dice your data in a way that allows you to contextually prioritize your remediation efforts and having a way to designate your production servers from your staging servers, or your Windows Servers from your workstations, will help you address the vulnerabilities where they are the most critical. Tags that were created in Remediate are fully editable and are managed within Remediate.
Clearer Alignment and Transparency with Security Teams
The second way of leveraging our new tagging capabilities is the ability to import the tags that are already created in your Qualys or Tenable.io vulnerability scanners. When setting up your vulnerability source, you have the option to import tags in addition to importing scan results. Rather than re-creating tags, the tags come in from the scanner to help create alignment with the Security team and bridge the context gap. You will be able to slice and dice the data the same way they do, giving everyone a common view of the nodes and their priorities. This is a really great way to talk about the nodes in your environment in a consistent way that everyone understands. Tags that are imported from your security scanner are immutable, but they will get updated every time data is ingested by Remediate.
Remediate 2.0 can aid you in reducing risk
This is an important step in helping customers reduce risks in their environments. By speaking the same language and referring to your nodes the same way between teams, it helps create bridges when it comes to making sure vulnerabilities are prioritized and corrective actions are taken in your environment.