product web COMPLY

Puppet Comply

Automate and enforce policy as code.
Achieve continuous compliance without sacrificing agility.
Request a demo Read the solution brief 

What is Puppet Comply?

Puppet Comply enables continuous compliance across hybrid infrastructure with less overhead and manual work. Get a holistic view of compliance status throughout cloud and on-prem environments, generate reports to easily prove that systems remain in check, and enforce immutable policy as code with expert-built content and modules configured to your environment.

By 2023, 60% of organizations in regulated verticals will have integrated compliance as code into their DevOps toolchains, improving their lead time by at least 20%.
Innovation Insight for Continuous Compliance Automation, Gartner, August 2020

Define a secure baseline with CIS Benchmarks™

Puppet Comply assesses your infrastructure against CIS Benchmarks, a set of guidelines for secure system configuration from the Center for Internet Security (CIS).
Developed by a community of cybersecurity experts, CIS Benchmarks are widely adopted by organizations worldwide and serve as a baseline for many common regulatory requirements, including PCI, NIST and FISMA, HIPAA, GDPR, ISO/IEC 27001.
Dashboard Scan Results

Get a holistic view of compliance status

Puppet Comply scans your hybrid infrastructure to assess compliance with CIS Benchmarks, providing a clear view of compliance status for each node in your estate.

  • Puppet Comply maps controls to your infrastructure — using classification data such as operating system, version, role, and environment — so you know exactly which settings and configurations need to be applied to each system.
  • Don’t waste time chasing false positives. Quickly identify the cause and source of compliance failures with node-level scan results, and drill into benchmark details for guidance on how to remediate failures.
  • Eliminate manual exception handling. Define custom profiles to disable the rules you don’t want to enforce and scan only for the ones that apply.
Dashboard Scan Results

Remediate compliance failures at scale

Remediate failures and establish a baseline for compliance using modules created by Puppet experts and configured to your environment.

Define compliant configurations once and automatically apply them to hundreds or thousands of nodes, whether they live in the cloud or on premises.
Bridge skill and resource gaps by leveraging Puppet expertise.
Enable your team to maintain compliance with a documented framework for making changes and addressing benchmark updates.
Comply Detailed Activity Feed

Verify remediation with on-demand scans

Enable IT Operations teams to take a proactive approach to compliance. With Puppet Comply, Ops teams can run their own scans to immediately verify that failures have been remediated and that systems have been brought under compliance.

  • Close the gap between remediation and the next scan, when systems may be out of compliance without your knowledge.
  • Eliminate bottlenecks caused by cross-functional dependencies, such as coordination of scanning windows.
Comply Detailed Activity Feed

Automate policy enforcement with compliance as code

Define compliance policies as code to incorporate compliant configurations into your baseline, automatically apply the appropriate settings to every system in your infrastructure, and enforce compliant state with automatic drift detection and correction.

  • Puppet Enterprise continuously checks your infrastructure against the baseline configurations you’ve defined and makes a corrective change if a system drifts from its compliant state.
  • Apply policies to node groups classified by operating system, role, or environment, so new systems automatically inherit environment-specific configurations.
We can generate a report for the exact data [auditors] are looking for. If someone were to request a list of Windows servers in dev running an outdated agent, we can easily drill down into specifics using the intuitive Puppet console. We keep track of compliance and security on a very continuous basis.
Mohinder Singh, Senior Cloud Engineer, Guardian Life

Reduce the burden of audit preparation

Audits don’t have to be an expensive fire drill. Prove infrastructure-wide compliance with reports that are easy to generate and understand.

  • Generate automatically updated reports that depict the current state of your infrastructure and can be easily interpreted without deep technical knowledge.
  • Demonstrate a consistent, reliable process for each stage of the compliance lifecycle — from assessment to remediation to enforcement.
  • Conduct regular scans to identify and remediate failures on a regular basis, so you can be confident in your compliance posture before an audit.

Request a demo

Want to see Puppet Comply firsthand? Complete the form and we’ll contact you to schedule a demo.

Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.