homeblogsecurity and compliance insights from puppetize pdx

Security and compliance insights from Puppetize PDX

You have to protect your organization and its reputation like never before — particularly as your infrastructure grows and diversifies, presenting a broader front for attackers. Your ever-expanding environment isn’t safe — and neither is your company’s brand.

Sadly, ensuring systems are secure is a job that can consume a lot of your work days and weekends, leaving you feeling like you haven’t accomplished much. It’s soul-crushing, manual work. Where do you start?

During our recent Puppetize PDX user conference, experts shared their perspectives on ways you can ensure systems continuously remain secure, meet compliance requirements, and most importantly, give you some valuable time back. Here are some of their insights.

Attackers work together, why don’t defenders?

There are more defenders than attackers out there, so we can win this battle. What if we shared the work by creating solutions to vulnerabilities as a community? We could use our collective expertise and strength in numbers to combat the attackers. Learn from Puppet’s very own senior product manager, Jonny Stewart (@stewartjonathan) how Puppet is forming and facilitating a community of defenders.

Puppetizing the pain out of patching

Patching is essential to combating security vulnerabilities that can put your organization, network, and users at risk. But applying patches to a large number of vulnerable services and servers can be a challenge that often requires a great deal of manual work. In this talk, Tony Green, DevOps practice lead at Katana 1, discusses how to manage patching on Linux and Windows servers using a single tool.

Windows security, compliance, and patching

With infrastructure as code and configuration management becoming more commonplace in the Windows ecosystem, many questions remain or have arisen around how security, compliance, and patching work in a world full of clouds and pipelines. In this talk, senior sales engineer at Puppet, Matthew Stone (@matthewstone), discusses some of the challenges around defining what security, compliance, and patching processes look like in your organization, and how you can use various tools and processes to deliver fully provisioned and secured systems that can meet your company's compliance requirements.

We hope you enjoy these insights and encourage you to learn about how Puppet can help quickly reduce the number of vulnerabilities present in your infrastructure!

Stephanie Stouck is a senior principal product marketing manager at Puppet.

Learn more