Puppet Extends Compliance Enforcement to Support Open Source Puppet Users in Meeting CIS Benchmarks

Security and compliance policy management tops the list of gaps for organizations

MINNEAPOLIS, MN, USA – January 23, 2024 – Puppet by Perforce, the industry standard for secure infrastructure automation, today has extended Compliance Enforcement to help support Open Source Puppet users in meeting security frameworks like Center for Internet Security (CIS) Benchmarks, DISA STIGs, and more.

Security risks are increasing across regions and industries, leaving today’s IT Operations teams underprepared for the next vulnerability, attack, or breach. Extending Compliance Enforcement to the open-source community leverages Puppet’s unique desired state configuration capabilities to help more organizations maintain the strong security and compliance posture they need to prepare for and defend against security threats. The new offering allows Open Source Puppet users to leverage Puppet policy as code (PaC) for automated compliance aligned with popular security standards.

“In response to feedback and the growing needs of Puppet’s open-source community, it naturally made sense to extend our Compliance Enforcement solution to meet a critical need for this group,” said Kapil Tandon, Vice President of Product Management at Puppet by Perforce. “We’re proud to have collaborated with the community to bring this solution to every Puppet user for the very first time.”

Across organizations of all sizes, IT teams carry the burden of maintaining continuous compliance, and in some cases being required to meet several complex frameworks at scale. With the increasing need to maximize resources, the exhaustive task of managing and meeting compliance can now be streamlined.

"Software should work for us, not the other way around."

Deepak Giridharagopal, Chief Technology Officer, Puppet by Perforce

Alongside compliance, the state of open source technology has changed at an unprecedented pace in recent years. From deprecation of key technologies to fluctuating access to core operating system distributions, consumers continue to navigate uncertainties about how their open source providers will be able to support their organizations’ goals in coming years.

“Open source is a core part of who we are. It's not a tactic; it's in our DNA,” said Deepak Giridharagopal, Chief Technology Officer at Puppet by Perforce. “Open source is an essential part of how we innovate and solve problems. Puppet's desired state approach makes it easy for teams to address a ton of infrastructure and compliance problems via automation instead of manual, one-off fixes. This frees up people's brains to focus on even bigger, more impactful business problems. Software should work for us, not the other way around.”