SlideShare une entreprise Scribd logo

Introducing Puppet Remediate™

Télécharger en tant que PPTX, PDF
Puppet
Puppet

Get a firsthand look at our new product in a webinar on Tuesday, 17 September. Many IT organizations tasked with securing infrastructure find that one of their biggest challenges is the vulnerability management process. This process is often manual and inefficient, leaving systems exposed to breaches and attacks. Our new product, Puppet Remediate, addresses common pain points in the vulnerability management workflow to better protect your infrastructure and reduce manual work. With Remediate, you can: Eliminate data handoffs between teams. Puppet Remediate integrates with the three major vulnerability scanners — Tenable, Qualys and Rapid7 — providing a single source of truth for IT Ops; Easily assess the most critical threats. The dashboard shows all vulnerabilities prioritized by relative risk, so you know what to address first; Agentless remediation. Run a task to remediate vulnerabilities directly from the dashboard. You can upload your own scripts, or make use of existing modules in the Puppet Forge.

Technologie
1  sur  14
Puppet Remediate Helps organizations mitigate security risks SEPTEMBER 2019
Puppet Introductions Alberta Bosco Senior Product Marketing Manager Jonny Stewart Senior Product Manager
Agenda Vulnerability management - What is it? Who does what? Vulnerability remediation: workflow, pain points and organizational challenges Puppet vision: IT Ops can remediate faster with automation Puppet Remediate demo Puppet Remediate key differentiators Questions
4 Is vulnerability management and patching the same thing? They are related but they are not the same thing. Patching helps preventing vulnerabilities but is not enough! How do I identify vulnerabilities left in the system? I can use vulnerability scanners, like: Qualys, Rapid7 and Tenable. Vulnerability management - What is it? Vulnerability management is the practice of identifying, classifying, prioritizing, remediating, and mitigating, software vulnerabilities.
5 Vulnerability management - Who does what? INFOSEC TEAM Find vulnerabilities IT OPS TEAM Remediate vulnerabilities Splitting work between teams is called SEGREGATION OF DUTIES
Vulnerability management process Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Receive spreadsheet of scanner data via email Report on progress Try to find what’s important out of 1000s Manually decide what to fix first Make changes manually
1 IT Ops wastes time confirming whether data is current. 2 Don’t know what’s important to fix out of thousands. 3 Takes days/weeks to prioritize critical vulnerabilities. 4 Takes too long. No standard approach to fixing. 5 Completely manual. No reliable way to show what’s fixed. Implications Data breaches/loss of share & brand value Losing people due to lack of DevSecOps Inability to fix vulnerabilities fast enough Typical problems with managing vulnerabilities Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Receive spreadsheet of scanner data via email Report on progress Try to find what’s important out of 1000s Manually decide what to fix first Make changes manually 2 3 4 51
8 143 million records stolen in 2017 including Social Security Numbers. Impact irreversible. Equifax shares fell 6% after announcement. Cause: missed communications and reliance on manual processes.
Puppet Remediate helps organizations mitigate their security risks. 9
Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Automatic, secure delivery of scanner data in real time Remediation success confirmed on next scan Most vulnerable hosts; filter by CVE Risk-based vulnerability prioritization Recommended solutions; agentless remediation Customers such as a global retailer and a U.S. Federal agency expect to: ● Reduce the time to fix vulnerabilities from weeks or days down to less than a day. ● Reduce the number vulnerabilities in their systems. ● Get through audits faster and with less effort. Puppet Remediate + scanner integrations accelerate the vulnerability remediation workflow
Demo
17 Key differentiators ● Community-based content ● Agentless remediation ● Infrastructure discovery and prioritization ● Shared vulnerability data in real time
Questions?
Thank you Request a demo on puppet.com/products/puppet-remediate

Recommandé

Empowering Automation for Everyone 05/29/2019
Empowering Automation for Everyone 05/29/2019Empowering Automation for Everyone 05/29/2019
Empowering Automation for Everyone 05/29/2019Puppet
 
Puppet + Diaxon: Getting to the next stage of DevOps evolution
Puppet + Diaxon: Getting to the next stage of DevOps evolutionPuppet + Diaxon: Getting to the next stage of DevOps evolution
Puppet + Diaxon: Getting to the next stage of DevOps evolutionPuppet
 
Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Puppet
 
The Unlikely Couple, DevOps and Security. Can it work?
The Unlikely Couple, DevOps and Security. Can it work?The Unlikely Couple, DevOps and Security. Can it work?
The Unlikely Couple, DevOps and Security. Can it work?Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
A beginners guide to scaling DevOps
A beginners guide to scaling DevOpsA beginners guide to scaling DevOps
A beginners guide to scaling DevOpsEficode
 
The Next Wave of Reliability Engineering
The Next Wave of Reliability EngineeringThe Next Wave of Reliability Engineering
The Next Wave of Reliability EngineeringMichael Kehoe
 
DevOps
DevOpsDevOps
DevOpsAbhay Kumar
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 

Recommandé

Empowering Automation for Everyone 05/29/2019
Empowering Automation for Everyone 05/29/2019Empowering Automation for Everyone 05/29/2019
Empowering Automation for Everyone 05/29/2019Puppet
 
Puppet + Diaxon: Getting to the next stage of DevOps evolution
Puppet + Diaxon: Getting to the next stage of DevOps evolutionPuppet + Diaxon: Getting to the next stage of DevOps evolution
Puppet + Diaxon: Getting to the next stage of DevOps evolutionPuppet
 
Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Introduction to Puppet Enterprise - Jan 30, 2019
Introduction to Puppet Enterprise - Jan 30, 2019Puppet
 
The Unlikely Couple, DevOps and Security. Can it work?
The Unlikely Couple, DevOps and Security. Can it work?The Unlikely Couple, DevOps and Security. Can it work?
The Unlikely Couple, DevOps and Security. Can it work?Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
A beginners guide to scaling DevOps
A beginners guide to scaling DevOpsA beginners guide to scaling DevOps
A beginners guide to scaling DevOpsEficode
 
The Next Wave of Reliability Engineering
The Next Wave of Reliability EngineeringThe Next Wave of Reliability Engineering
The Next Wave of Reliability EngineeringMichael Kehoe
 
DevOps
DevOpsDevOps
DevOpsAbhay Kumar
 
Silver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSilver Lining for Miles: DevOps for Building Security Solutions
Silver Lining for Miles: DevOps for Building Security SolutionsSeniorStoryteller
 
3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the EnterprisePuppet
 
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSoftware Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSeniorStoryteller
 
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...Tori Wieldt
 
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...XebiaLabs
 
Empower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital TransformationEmpower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital TransformationRundeck
 
Har du en DevOps i ditt team?
Har du en DevOps i ditt team?Har du en DevOps i ditt team?
Har du en DevOps i ditt team?Solidify
 
Scaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and qualityScaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and qualityXebiaLabs
 
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next ProjectAbeer R
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySeniorStoryteller
 
Measuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in ActionMeasuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in ActionXebiaLabs
 
DevOps: A Practical Guide
DevOps: A Practical GuideDevOps: A Practical Guide
DevOps: A Practical GuideVictorOps
 
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...XebiaLabs
 
DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck VictorOps
 
DevOps not a Toolbox
DevOps not a ToolboxDevOps not a Toolbox
DevOps not a ToolboxDevOps Indonesia
 
Building Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSFBuilding Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSFMichael Kehoe
 
cdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy PembertoncdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy PembertonMiles Blatstein
 
2016 State of DevOps Report Webinar
2016 State of DevOps Report Webinar2016 State of DevOps Report Webinar
2016 State of DevOps Report WebinarPuppet
 
Intel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen EzraIntel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen EzraAgileSparks
 
New Barriers of Transformation
New Barriers of TransformationNew Barriers of Transformation
New Barriers of TransformationDevOps Indonesia
 
DevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to RemediationDevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to RemediationWhiteSource
 
Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementAnton Chuvakin
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security FrameworkJerod Brennen
 

Contenu connexe

Tendances

3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the EnterprisePuppet
 
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSoftware Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSeniorStoryteller
 
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...Tori Wieldt
 
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...XebiaLabs
 
Empower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital TransformationEmpower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital TransformationRundeck
 
Har du en DevOps i ditt team?
Har du en DevOps i ditt team?Har du en DevOps i ditt team?
Har du en DevOps i ditt team?Solidify
 
Scaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and qualityScaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and qualityXebiaLabs
 
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next ProjectAbeer R
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySeniorStoryteller
 
Measuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in ActionMeasuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in ActionXebiaLabs
 
DevOps: A Practical Guide
DevOps: A Practical GuideDevOps: A Practical Guide
DevOps: A Practical GuideVictorOps
 
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...XebiaLabs
 
DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck VictorOps
 
Building Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSFBuilding Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSFMichael Kehoe
 
cdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy PembertoncdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy PembertonMiles Blatstein
 
2016 State of DevOps Report Webinar
2016 State of DevOps Report Webinar2016 State of DevOps Report Webinar
2016 State of DevOps Report WebinarPuppet
 
Intel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen EzraIntel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen EzraAgileSparks
 
New Barriers of Transformation
New Barriers of TransformationNew Barriers of Transformation
New Barriers of TransformationDevOps Indonesia
 
DevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to RemediationDevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to RemediationWhiteSource
 

Tendances (20)

3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise
 
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOpsSoftware Supply Chain Automation Removes Roadblocks to Rugged DevOps
Software Supply Chain Automation Removes Roadblocks to Rugged DevOps
 
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
SRE-iously! Defining the Principles, Habits, and Practices of Site Reliabilit...
 
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
Measure Your DevOps Success: Using Goal-based KPIs to Drive Results and Demon...
 
Empower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital TransformationEmpower Devs, Simplify Ops, and Accelerate your Digital Transformation
Empower Devs, Simplify Ops, and Accelerate your Digital Transformation
 
Har du en DevOps i ditt team?
Har du en DevOps i ditt team?Har du en DevOps i ditt team?
Har du en DevOps i ditt team?
 
Scaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and qualityScaling DevOps - delivering on the promise of business velocity and quality
Scaling DevOps - delivering on the promise of business velocity and quality
 
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
10 Reasons Why You Should Consider Google App Engine (GAE) for Your Next Project
 
Safely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous DeliverySafely Removing the Last Roadblock to Continuous Delivery
Safely Removing the Last Roadblock to Continuous Delivery
 
Measuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in ActionMeasuring Performance: See the Science of DevOps Measurement in Action
Measuring Performance: See the Science of DevOps Measurement in Action
 
DevOps: A Practical Guide
DevOps: A Practical GuideDevOps: A Practical Guide
DevOps: A Practical Guide
 
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
DevOps Best Practices: Managing and Scaling Release Automation Using Visual a...
 
DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck DevOps Roadtrip Final Speaking Deck
DevOps Roadtrip Final Speaking Deck
 
DevOps not a Toolbox
DevOps not a ToolboxDevOps not a Toolbox
DevOps not a Toolbox
 
Building Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSFBuilding Production-Ready Microservices: DevopsExchangeSF
Building Production-Ready Microservices: DevopsExchangeSF
 
cdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy PembertoncdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
cdSummit Austin - Orchestrating the continuous delivery process - Andy Pemberton
 
2016 State of DevOps Report Webinar
2016 State of DevOps Report Webinar2016 State of DevOps Report Webinar
2016 State of DevOps Report Webinar
 
Intel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen EzraIntel CHD Case Study by Ronen Ezra
Intel CHD Case Study by Ronen Ezra
 
New Barriers of Transformation
New Barriers of TransformationNew Barriers of Transformation
New Barriers of Transformation
 
DevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to RemediationDevSecOps: Closing the Loop from Detection to Remediation
DevSecOps: Closing the Loop from Detection to Remediation
 

Similaire à Introducing Puppet Remediate™

Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementAnton Chuvakin
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security FrameworkJerod Brennen
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability ScannerPrevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability ScannerGFI Software
 
Selling Infosec to the CSuite
Selling Infosec to the CSuiteSelling Infosec to the CSuite
Selling Infosec to the CSuiteDave R. Taylor
 
325838924-Splunk-Use-Case-Framework-Introduction-Session
325838924-Splunk-Use-Case-Framework-Introduction-Session325838924-Splunk-Use-Case-Framework-Introduction-Session
325838924-Splunk-Use-Case-Framework-Introduction-SessionRyan Faircloth
 
A Framework for Developing and Operationalizing Security Use Cases
A Framework for Developing and Operationalizing Security Use CasesA Framework for Developing and Operationalizing Security Use Cases
A Framework for Developing and Operationalizing Security Use CasesRyan Faircloth
 
Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland Devendra kashyap
 
Balbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxBalbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxjjvdneut
 
Balbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxBalbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxjjvdneut
 
How to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability ManagementHow to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability ManagementIvanti
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfJustinBrown267905
 
Vulnerability Ass... Penetrate What?
Vulnerability Ass... Penetrate What?Vulnerability Ass... Penetrate What?
Vulnerability Ass... Penetrate What?Jorge Orchilles
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessSirius
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsFireEye, Inc.
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
201512 - Vulnerability Management -PCI Best Practices - stepbystep
201512 - Vulnerability Management -PCI Best Practices - stepbystep201512 - Vulnerability Management -PCI Best Practices - stepbystep
201512 - Vulnerability Management -PCI Best Practices - stepbystepAllan Crowe PCIP
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfTheWalkerGroup1
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability ManagementGFI Software
 

Similaire à Introducing Puppet Remediate™ (20)

Five Mistakes of Vulnerability Management
Five Mistakes of Vulnerability ManagementFive Mistakes of Vulnerability Management
Five Mistakes of Vulnerability Management
 
Common Sense Security Framework
Common Sense Security FrameworkCommon Sense Security Framework
Common Sense Security Framework
 
Prevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability ScannerPrevent Getting Hacked by Using a Network Vulnerability Scanner
Prevent Getting Hacked by Using a Network Vulnerability Scanner
 
Selling Infosec to the CSuite
Selling Infosec to the CSuiteSelling Infosec to the CSuite
Selling Infosec to the CSuite
 
Prevent & Protect
Prevent & ProtectPrevent & Protect
Prevent & Protect
 
325838924-Splunk-Use-Case-Framework-Introduction-Session
325838924-Splunk-Use-Case-Framework-Introduction-Session325838924-Splunk-Use-Case-Framework-Introduction-Session
325838924-Splunk-Use-Case-Framework-Introduction-Session
 
A Framework for Developing and Operationalizing Security Use Cases
A Framework for Developing and Operationalizing Security Use CasesA Framework for Developing and Operationalizing Security Use Cases
A Framework for Developing and Operationalizing Security Use Cases
 
Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland Cybrary's navigating a security wasteland
Cybrary's navigating a security wasteland
 
Balbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxBalbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptx
 
Balbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptxBalbix-New-CISO-Board-Deck.pptx
Balbix-New-CISO-Board-Deck.pptx
 
How to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability ManagementHow to Perform Continuous Vulnerability Management
How to Perform Continuous Vulnerability Management
 
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdfFor Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
For Public_ Cybersecurity_ Frameworks, Fundamentals, and Foundations 2023.pdf
 
Vulnerability Ass... Penetrate What?
Vulnerability Ass... Penetrate What?Vulnerability Ass... Penetrate What?
Vulnerability Ass... Penetrate What?
 
Optimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to SuccessOptimizing Security Operations: 5 Keys to Success
Optimizing Security Operations: 5 Keys to Success
 
Proatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security TeamsProatively Engaged: Questions Executives Should Ask Their Security Teams
Proatively Engaged: Questions Executives Should Ask Their Security Teams
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
201512 - Vulnerability Management -PCI Best Practices - stepbystep
201512 - Vulnerability Management -PCI Best Practices - stepbystep201512 - Vulnerability Management -PCI Best Practices - stepbystep
201512 - Vulnerability Management -PCI Best Practices - stepbystep
 
Cybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdfCybersecurity risk assessments help organizations identify.pdf
Cybersecurity risk assessments help organizations identify.pdf
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
FMEA Final Project
FMEA Final ProjectFMEA Final Project
FMEA Final Project
 

Plus de Puppet

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyamlPuppet
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)Puppet
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscodePuppet
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twentiesPuppet
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codePuppet
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationPuppet
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowPuppet
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Puppet
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppetPuppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkPuppet
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping groundPuppet
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy SoftwarePuppet
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User GroupPuppet
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsPuppet
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyPuppet
 

Plus de Puppet (20)

Puppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepoPuppet camp2021 testing modules and controlrepo
Puppet camp2021 testing modules and controlrepo
 
Puppetcamp r10kyaml
Puppetcamp r10kyamlPuppetcamp r10kyaml
Puppetcamp r10kyaml
 
2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)2021 04-15 operational verification (with notes)
2021 04-15 operational verification (with notes)
 
Puppet camp vscode
Puppet camp vscodePuppet camp vscode
Puppet camp vscode
 
Modules of the twenties
Modules of the twentiesModules of the twenties
Modules of the twenties
 
Applying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance codeApplying Roles and Profiles method to compliance code
Applying Roles and Profiles method to compliance code
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
Enforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automationEnforce compliance policy with model-driven automation
Enforce compliance policy with model-driven automation
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliance
 
Automating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNowAutomating it management with Puppet + ServiceNow
Automating it management with Puppet + ServiceNow
 
Puppet: The best way to harden Windows
Puppet: The best way to harden WindowsPuppet: The best way to harden Windows
Puppet: The best way to harden Windows
 
Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020Simplified Patch Management with Puppet - Oct. 2020
Simplified Patch Management with Puppet - Oct. 2020
 
Accelerating azure adoption with puppet
Accelerating azure adoption with puppetAccelerating azure adoption with puppet
Accelerating azure adoption with puppet
 
Puppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael PinsonPuppet catalog Diff; Raphael Pinson
Puppet catalog Diff; Raphael Pinson
 
ServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin ReeuwijkServiceNow and Puppet- better together, Kevin Reeuwijk
ServiceNow and Puppet- better together, Kevin Reeuwijk
 
Take control of your dev ops dumping ground
Take control of your dev ops dumping groundTake control of your dev ops dumping ground
Take control of your dev ops dumping ground
 
100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software100% Puppet Cloud Deployment of Legacy Software
100% Puppet Cloud Deployment of Legacy Software
 
Puppet User Group
Puppet User GroupPuppet User Group
Puppet User Group
 
Continuous Compliance and DevSecOps
Continuous Compliance and DevSecOpsContinuous Compliance and DevSecOps
Continuous Compliance and DevSecOps
 
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick MaludyThe Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
The Dynamic Duo of Puppet and Vault tame SSL Certificates, Nick Maludy
 

Dernier

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 

Dernier (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 

Introducing Puppet Remediate™

  • 1. Puppet Remediate Helps organizations mitigate security risks SEPTEMBER 2019
  • 2. Puppet Introductions Alberta Bosco Senior Product Marketing Manager Jonny Stewart Senior Product Manager
  • 3. Agenda Vulnerability management - What is it? Who does what? Vulnerability remediation: workflow, pain points and organizational challenges Puppet vision: IT Ops can remediate faster with automation Puppet Remediate demo Puppet Remediate key differentiators Questions
  • 4. 4 Is vulnerability management and patching the same thing? They are related but they are not the same thing. Patching helps preventing vulnerabilities but is not enough! How do I identify vulnerabilities left in the system? I can use vulnerability scanners, like: Qualys, Rapid7 and Tenable. Vulnerability management - What is it? Vulnerability management is the practice of identifying, classifying, prioritizing, remediating, and mitigating, software vulnerabilities.
  • 5. 5 Vulnerability management - Who does what? INFOSEC TEAM Find vulnerabilities IT OPS TEAM Remediate vulnerabilities Splitting work between teams is called SEGREGATION OF DUTIES
  • 6. Vulnerability management process Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Receive spreadsheet of scanner data via email Report on progress Try to find what’s important out of 1000s Manually decide what to fix first Make changes manually
  • 7. 1 IT Ops wastes time confirming whether data is current. 2 Don’t know what’s important to fix out of thousands. 3 Takes days/weeks to prioritize critical vulnerabilities. 4 Takes too long. No standard approach to fixing. 5 Completely manual. No reliable way to show what’s fixed. Implications Data breaches/loss of share & brand value Losing people due to lack of DevSecOps Inability to fix vulnerabilities fast enough Typical problems with managing vulnerabilities Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Receive spreadsheet of scanner data via email Report on progress Try to find what’s important out of 1000s Manually decide what to fix first Make changes manually 2 3 4 51
  • 8. 8 143 million records stolen in 2017 including Social Security Numbers. Impact irreversible. Equifax shares fell 6% after announcement. Cause: missed communications and reliance on manual processes.
  • 10. Security Team IT Operations Find Send/Receive Filter Prioritize Fix Report Find assets and their vulnerabilities Automatic, secure delivery of scanner data in real time Remediation success confirmed on next scan Most vulnerable hosts; filter by CVE Risk-based vulnerability prioritization Recommended solutions; agentless remediation Customers such as a global retailer and a U.S. Federal agency expect to: ● Reduce the time to fix vulnerabilities from weeks or days down to less than a day. ● Reduce the number vulnerabilities in their systems. ● Get through audits faster and with less effort. Puppet Remediate + scanner integrations accelerate the vulnerability remediation workflow
  • 11. Demo
  • 12. 17 Key differentiators ● Community-based content ● Agentless remediation ● Infrastructure discovery and prioritization ● Shared vulnerability data in real time
  • 14. Thank you Request a demo on puppet.com/products/puppet-remediate