DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Container Journal
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv Video Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • Continuous Delivery
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Where Does Observability Stand Today, and Where is it Going Next?
  • Five Great DevOps Job Opportunities
  • A Freelancer's Workflow
  • Azure Migration Strategy: Tools, Costs and Best Practices
  • Blameless Integrates Incident Management Platform With Opsgenie

Home » Latest News Releases » Puppet Delivers New Product for Vulnerability Remediation

Puppet Delivers New Product for Vulnerability Remediation

By: Deborah Schalm on August 21, 2019 Leave a Comment

With vulnerabilities and security breaches on the rise, the latest Puppet product helps IT teams find, prioritize and remediate mission-critical vulnerabilities.

Recent Posts By Deborah Schalm
  • Exabeam Reinvents Security Analytics with Fusion XDR and Fusion SIEM Cloud Products to Address Security Needs at Scale
  • New Study Reveals Importance of Optimized Strategy for the Selection, Support, and Maintenance of Open Source Software
  • Applitools Integrates With Rally for Fast and Automated Bug Management
More from Deborah Schalm
Related Posts
  • Puppet Delivers New Product for Vulnerability Remediation
  • Cybric Launches Industry-First Continuous Security-as-a-Service Platform
  • Report Finds Faster DevOps Adoption in Retail
    Related Categories
  • Latest News Releases
    Related Topics
  • Puppet
  • Puppet Remediate
Show more
Show less

Portland, ORE.—Aug. 21, 2019—Puppet, the standard for automating the delivery and operation of the software that powers everything around us, today announced its first vulnerability remediation solution, Puppet Remediate, with initial channel partners, Bitbone and Fishtech.

TechStrong Con 2023Sponsorships Available

According to Forrester’s 2018 security survey published in 2018, 58% of enterprise organizations suffered a breach at least once in the previous year, and over 41% of those external breaches exploited some software vulnerability. The problem is that the vulnerability management workflow⁠—from vulnerability reports run by security teams to vulnerability remediation done by IT operators —is fragmented and manual, making vulnerability remediation slow and leaving IT infrastructure exposed to external attacks for too long. A 2018 report by the Ponemon Institute found organizations spend around 320 hours a week on vulnerability responses.

 

“The vulnerability management process most organizations use today is not sustainable for reducing the security risk of external attacks. There is a major gap between sophisticated scanning tools that identify vulnerabilities and the fragmented and manual, error-prone approach of fixing these vulnerabilities,” said Matt Waxman, Head of Product at Puppet. “Puppet Remediate closes this gap giving IT the insight they need to end the current soul-crushing work associated with vulnerability remediation to ensure they are keeping their organization safe.”

Puppet Remediate dramatically reduces the time from vulnerability detection to remediation across a company’s infrastructure through key integrations with security partners to unify infrastructure and vulnerability data, quick identification of what infrastructure resources are impacted by vulnerabilities, and the ability to take immediate action to remediate vulnerable packages without requiring any agent technology on the vulnerable systems on both Linux and Windows through SSH and WinRM.

Key features of Puppet’s latest product include:

Shared vulnerability data between Security and IT Ops. Puppet Remediate unifies infrastructure data with vulnerability data from Tenable, Qualys and Rapid7 to prioritize vulnerabilities. This also allows IT Ops to get access to vulnerability data in real-time, reducing delays and eliminating risks related to manual handover of data.

Risk-based prioritization. IT can prioritize the most mission-critical systems and identify vulnerabilities within the organization’s systems to separate signal from noise based on infrastructure context. With a dashboard that lists the most critical vulnerabilities, IT Ops can quickly learn what assets have vulnerabilities at a glance and determine what to fix first.

Agentless remediation. In 2018, 8 out of the Top 10 CVEs reported could be remediated with a package update. Puppet Remediate includes four pre-built tasks, including the ability to update packages. Remediate can also load modules from the Puppet Forge where a vast community of IT operators, security analysts, developers, and partners share ready-to-automate solutions as Bolt Tasks. IT Ops can take immediate action to remediate a vulnerability without leaving the application or having to use a CLI or write scripts—and, without requiring any agent technology on the vulnerable systems.

Channel Partners Provide an Established Infrastructure and InfoSec Practice

Initial channel partners were selected based on their established infrastructure and InfoSec practices and ability to bridge the gap that exists between security and IT practices in enterprises. The channel partners already sell into the vulnerability assessment market with products from Qualys, Rapid7 and Tenable. A 2018 report from IDC valued the vulnerability assessment market at $1.7 billion.

“Puppet Remediate offers real added value with its new functions to our customers,” said Sebastian Scheuring, CEO Bitbone AG. “It drastically automates the workflow of vulnerability remediation through taking out the manual, mundane and error-prone steps that are required to remediate vulnerabilities. Continuous scans, remediation tasks and short cycles of update processes significantly increase the security level of IT environments.”

Learn More

More about this new product from Puppet on our website. If you need to continuously enforce your security standard and comply with numerous regulatory policies check out Puppet Enterprise.

Attending VMWorld? Come to booth #759 to learn more about Puppet Remediate.

Additional Resources

  • Learn more about Puppet
  • Follow Puppet on Twitter and LinkedIn
  • Read our blog

About Puppet

Puppet is driving the movement to a world of unconstrained software change. Its revolutionary platform is the industry standard for automating the delivery and operation of the software that powers everything around us. More than 40,000 companies—including more than 75 percent of the Fortune 10 —use Puppet’s open source and commercial solutions to adopt DevOps practices, achieve situational awareness and drive software change with confidence. Headquartered in Portland, Oregon, Puppet is a privately held company with more than 500 employees around the world. Learn more at puppet.com.

 

Filed Under: Latest News Releases Tagged With: Puppet, Puppet Remediate

« Puppet Aims to Automate Vulnerability Remediation
The Linux Foundation Announces New Open Hardware Technologies and Collaboration »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

Automating Day 2 Operations: Best Practices and Outcomes
Tuesday, February 7, 2023 - 3:00 pm EST
Shipping Applications Faster With Kubernetes: Myth or Reality?
Wednesday, February 8, 2023 - 1:00 pm EST
Why Current Approaches To "Shift-Left" Are A DevOps Antipattern
Thursday, February 9, 2023 - 1:00 pm EST

Sponsored Content

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Practical Approaches to Long-Term Cloud-Native Security

December 5, 2019 | Chris Tozzi

Latest from DevOps.com

Where Does Observability Stand Today, and Where is it Going Next?
February 6, 2023 | Tomer Levy
Five Great DevOps Job Opportunities
February 6, 2023 | Mike Vizard
Azure Migration Strategy: Tools, Costs and Best Practices
February 3, 2023 | Gilad David Maayan
Blameless Integrates Incident Management Platform With Opsgenie
February 3, 2023 | Mike Vizard
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
February 2, 2023 | Richi Jennings

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

GET THE TOP STORIES OF THE WEEK

Most Read on DevOps.com

OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot | Netflix Blocks Password Sharing
February 2, 2023 | Richi Jennings
Automation Challenges Holding DevOps Back
February 1, 2023 | Mike Vizard
Jellyfish Adds Tool to Visualize Software Development Workflows
January 31, 2023 | Mike Vizard
Cisco AppDynamics Survey Surfaces DevSecOps Challenges
January 31, 2023 | Mike Vizard
Red Hat Brings Ansible Automation to Google Cloud
February 2, 2023 | Mike Vizard
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.