Try Puppet 
Search Puppet.com
Why Puppet

Puppet is the industry standard for IT automation.

Manage and automate more infrastructure and complex workflows in a simple, yet powerful way.

Customers
Open source
Cloud & Hybrid Automation

Accelerate your cloud journey with an enterprise automation platform for your hybrid estate.

Continuous Compliance

Enforce compliance across hybrid infrastructure with policy as code and model-driven automation.

Scaling DevOps

Modernize faster with Puppet DevOps consulting and infrastructure as code.

Use Cases
Integrations
Products
Pricing & PackagingGet Puppet Enterprise

First 10 Nodes are free!

Custom consulting services

Get you up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

Professional services
TrainingOpen source
Support
Puppet Compass Logo
Puppet Compass

Puppet Compass is your source for tools and best practices to address common business challenges.

Get Started
Resource library
State of DevOps Report

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

Puppet Events
Join us for a Puppet event

It's our community that makes Puppet great. Connect with Puppet users and employees.

Virtual Events
Community
Connect
Puppet Events
About Us

Puppet frees you to do what robots can’t. We make automation software because you’ve got better things to do.

Company
Press & news
Our voiceWorking at Puppet

Incident Remediation

With the proliferation of high-profile hacks, data breaches, and ransomware, it’s easy to feel insecure about your organization’s security. You have to protect your company like never before — particularly as your infrastructure grows and diversifies, presenting a broader surface for attackers.
IncidentRemediation marquee
IncidentRemediation art Sectionrobot
IncidentRemediation art Sectionrobot

Too many issues to fix and not enough time

How do you keep up with an ever-changing cybersecurity landscape? Adopting DevOps practices and automation is critical. It’s now a necessity to deal with this increased complexity rather than just a nice-to-have.

  • CVEs have more than doubled since 2016
  • IT infrastructure grew 47.2% year over year
  • Data breaches increased 424% in 2018
  • Cost of an attack increased to $3.92M over the last five years

 

IncidentRemediation art CompaniesReputation

Protect your company’s reputation with quick remediation

There are many tools designed to find and alert on issues, whether through security scanners, break-fix, or monitoring triggers. Finding them doesn’t remediate the vulnerability. The risk in your expanding environment isn’t reducing — unless you can remediate risks in an automated, repeatable way.

IncidentRemediation art CompaniesReputation
IncidentRemediation art CommunicationBarriers
IncidentRemediation art CommunicationBarriers

Overcome communication barriers between Dev, Sec, and Ops

DevOps and InfoSec teams sometimes have different goals — delivering software to the business on time and on budget versus reducing your organization’s risk profile. They don’t need to be mutually exclusive. Instead of communicating through spreadsheets and incident tickets, automate the handover of prioritized vulnerability data so that action can be taken quickly and painlessly.

We had a manual process to remediate vulnerabilities. When scans were complete, we got a report and remediated them manually with the scripts we have. It worked for us, but not the Auditor — we failed an audit three times. With Puppet, we now have a repeatable process and we’re passing audits.
U.S. Federal Agency
IncidentRemediation art SurfaceAttack

Reduce your surface attack area

Bad actors attack what you have, not what you think you have. You need to understand what’s running in your infrastructure in order to make decisions around decommissioning unneeded resources or prioritizing what to fix first. With contextual information, take action on what really matters. See how Puppet Remediate can simplify and reduce the hours spent remediating vulnerable packages and services.

IncidentRemediation art SurfaceAttack
IncidentRemediation art stat fiingIssues
IncidentRemediation art stat fiingIssues

Harden your resources to comply with security standards

Standardize your technology stack and reduce variation so there are fewer vulnerabilities to exploit. Do you have four different versions of Windows, all with different configurations? How many versions of Linux? The best defense is a good offense. Learn how Puppet Enterprise can proactively ensure that your systems meet security and regulatory standards and guidelines with continuous compliance.

IncidentRemediation art Splunk

Alert-based remediation with Splunk + Puppet

Puppet Enterprise can push events to Splunk Enterprise, which then alerts when drift is detected and corrected, while automatically alerting on-call staff.

IncidentRemediation art Splunk
IncidentRemediation art Logos grey
IncidentRemediation art Logos grey

Integrate with leading vulnerability assessment tools

Puppet Remediate integrates with the tools your InfoSec team use, eliminating the need for manual data handover.

IR Forge TC

Find it and fix it fast with the Puppet Forge

See how you can perform common tasks — like detecting and remediating Heartbleed or ShellShock — in the how-to articles on the Puppet Forge.

IR Forge TC
Related Resources
post
The (security-focused) 2019 State of DevOps Report is here
ebook
Eliminating Misunderstandings Between InfoSec and IT Operations
post
A Puppet module for detecting and remediating Meltdown / Spectre
webinar
Reducing Security Risks with DevOps Practices
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.