BlogContact SalesTry Puppet 
Search Puppet.com
Why Puppet

Puppet is the industry standard for IT automation.

Modernize, manage and bring your hybrid infrastructure into compliance through Puppet's powerful continuous automation.

Use Cases
Puppet Enterprise LogoGet Puppet Enterprise

First 10 nodes are free!

Products
Pricing & Packaging
Integrations
Puppet Compass Logo
Puppet Compass

Puppet Compass is your learning portal for tools and best practices to address common business challenges.

Professional services
Support
Open Source Puppet Assist
Your one-stop shop for exclusive tools to enhance your efficiency using Open Source Puppet.
Custom consulting services

Get up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

Puppet Forge

Find thousands of component modules built by the community and guidance on using them in your own infrastructure.

EcosystemOpen Source Projects
Community
Contribute
State of DevOps Report

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

Product Documentation
Resource library
Customers
Partners
Featured Partners
Servicenow Logo
Splunk Logo
Tenable Logo
Puppet Events
About Us

Puppet takes the risk out of change. We meet you where you are today and take you where you need to go.

CompanyWorking at Puppet
Press & news
Events
It's our community that makes Puppet great. Connect with Puppet users and employees.
homeuse casesincident remediation

Incident Remediation

With the proliferation of high-profile hacks, data breaches, and ransomware, it’s easy to feel insecure about your organization’s security. You have to protect your company like never before — particularly as your infrastructure grows and diversifies, presenting a broader surface for attackers.
IncidentRemediation marquee
IncidentRemediation art Sectionrobot
IncidentRemediation art Sectionrobot

Too many issues to fix and not enough time

How do you keep up with an ever-changing cybersecurity landscape? Adopting DevOps practices and automation is critical. It’s now a necessity to deal with this increased complexity rather than just a nice-to-have.

  • CVEs have more than doubled since 2016
  • IT infrastructure grew 47.2% year over year
  • Data breaches increased 424% in 2018
  • Cost of an attack increased to $3.92M over the last five years

 

IncidentRemediation art CompaniesReputation

Protect your company’s reputation with quick remediation

There are many tools designed to find and alert on issues, whether through security scanners, break-fix, or monitoring triggers. Finding them doesn’t remediate the vulnerability. The risk in your expanding environment isn’t reducing — unless you can remediate risks in an automated, repeatable way.

IncidentRemediation art CompaniesReputation
IncidentRemediation art CommunicationBarriers
IncidentRemediation art CommunicationBarriers

Overcome communication barriers between Dev, Sec, and Ops

DevOps and InfoSec teams sometimes have different goals — delivering software to the business on time and on budget versus reducing your organization’s risk profile. They don’t need to be mutually exclusive. Instead of communicating through spreadsheets and incident tickets, automate the handover of prioritized vulnerability data so that action can be taken quickly and painlessly.

We had a manual process to remediate vulnerabilities. When scans were complete, we got a report and remediated them manually with the scripts we have. It worked for us, but not the Auditor — we failed an audit three times. With Puppet, we now have a repeatable process and we’re passing audits.
U.S. Federal Agency
IncidentRemediation art SurfaceAttack

Reduce your surface attack area

Bad actors attack what you have, not what you think you have. You need to understand what’s running in your infrastructure in order to make decisions around decommissioning unneeded resources or prioritizing what to fix first. With contextual information, take action on what really matters. See how Puppet Remediate can simplify and reduce the hours spent remediating vulnerable packages and services.

IncidentRemediation art SurfaceAttack
IncidentRemediation art stat fiingIssues
IncidentRemediation art stat fiingIssues

Harden your resources to comply with security standards

Standardize your technology stack and reduce variation so there are fewer vulnerabilities to exploit. Do you have four different versions of Windows, all with different configurations? How many versions of Linux? The best defense is a good offense. Learn how Puppet Enterprise can proactively ensure that your systems meet security and regulatory standards and guidelines with continuous compliance.

IncidentRemediation art Splunk

Alert-based remediation with Splunk + Puppet

Puppet Enterprise can push events to Splunk Enterprise, which then alerts when drift is detected and corrected, while automatically alerting on-call staff.

IncidentRemediation art Splunk
IncidentRemediation art Logos grey
IncidentRemediation art Logos grey

Integrate with leading vulnerability assessment tools

Puppet Remediate integrates with the tools your InfoSec team use, eliminating the need for manual data handover.

IR Forge TC

Find it and fix it fast with the Puppet Forge

See how you can perform common tasks — like detecting and remediating Heartbleed or ShellShock — in the how-to articles on the Puppet Forge.

IR Forge TC
Related Resources
post
The (security-focused) 2019 State of DevOps Report is here
ebook
Eliminating Misunderstandings Between InfoSec and IT Operations
post
A Puppet module for detecting and remediating Meltdown / Spectre
webinar
Reducing Security Risks with DevOps Practices
Puppet sites use proprietary and third-party cookies. By using our sites, you agree to our cookie policy.