Try Puppet 
Search Puppet.com
Why Puppet

Puppet is the industry standard for IT automation.

Manage and automate more infrastructure and complex workflows in a simple, yet powerful way.

Customers
Open source
Cloud & Hybrid Automation

Accelerate your cloud journey with an enterprise automation platform for your hybrid estate.

Continuous Compliance

Enforce compliance across hybrid infrastructure with policy as code and model-driven automation.

Scaling DevOps

Modernize faster with Puppet DevOps consulting and infrastructure as code.

Use Cases
Integrations
Products
Pricing & PackagingGet Puppet Enterprise

First 10 Nodes are free!

Custom consulting services

Get you up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

Professional services
TrainingOpen source
Support
Puppet Compass Logo
Puppet Compass

Puppet Compass is your source for tools and best practices to address common business challenges.

Get Started
Resource library
State of DevOps Report

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

Puppet Events
Join us for a Puppet event

It's our community that makes Puppet great. Connect with Puppet users and employees.

Virtual Events
Puppet Community
Connect
Puppet Events
About Us

Puppet frees you to do what robots can’t. We make automation software because you’ve got better things to do.

Company
Press & news
Our voiceWorking at Puppet

Qualys

Efficiently Manage Security Vulnerabilities Faster with QualysVM® and Puppet Remediate™
Puppet Remediate Request a demo 
qualys logo

Shared vulnerability data

With Puppet Remediate, InfoSec runs scans with QualysVM, but instead of manually exporting scan data into spreadsheets or PDFs, Puppet Remediate integrates with QualysVM, eliminating the need for manual data handover from InfoSec to IT Ops.  IT Ops receives read-only live scan data automatically with Puppet Remediate. With streamlined processes, InfoSec and IT Ops work better together, eliminating delays and risks of miscommunication.

Risk-based prioritization in a single dashboard

Hackers don’t attack what you think you have but what you really have. This makes asset discovery critical in your vulnerability management process. Puppet Remediate enables you to know what hardware and software you have in your infrastructure and shows what needs immediate attention.

Enhance the vulnerability risk score provided by QualysVM, multiplying the score by the number of nodes affected. Know what to fix first so you can take immediate action and remediate vulnerabilities starting from the most vulnerable nodes in your infrastructure.

Agentless remediation

Take immediate action on vulnerabilities with agentless tasks that you can run on your Linux or Windows hosts. Use pre-built tasks that allow you to manage packages and services and run shell commands. Upload your own scripts or use existing modules from the Puppet Forge. Reduce the time you spend fixing vulnerabilities from days to minutes.

How it works

  1. QualysVM discovers assets and their vulnerabilities
  2. Puppet Remediate pulls read-only scanning data automatically from QualysVM
  3. In Puppet Remediate’s dashboard, view a summary of vulnerabilities affecting your infrastructure
  4. In Puppet Remediate, filter by the most vulnerability hosts or by CVE for risk-based prioritization
  5. Fix vulnerability packages with agentless tasks
    • You can manage packages, manage services or run arbitrary shell commands, all secured with Role Based Access Controls.
    • It’s extensible by adding automation you provide, either by uploading scripts you use, or adding modules from Puppet Forge
  6. QualysVM then reports on remediation success, confirmed on the next scan
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.