Perforce Puppet update accelerates vulnerability remediation

Perforce Software announced its latest platform update for Puppet Enterprise Advanced, designed to streamline DevSecOps practices and fortify enterprise security postures.

This release incorporates more advanced and proactive remediation options, allowing organizations to accelerate their response to security vulnerabilities by fostering greater collaboration between platform and security teams.

A 2024 study by Statista reported that the average age of cyber vulnerabilities is 229 days, leaving companies and their customers vulnerable to security breaches and being found to be non-compliant. Still, companies trying to solve this problem are being challenged by the rapid scaling of infrastructure, inefficient operational practices, and an ongoing global cyber skills shortage.

Puppet’s latest platform update enables enterprises to address known vulnerabilities by integrating security remediation within core infrastructure workflows to accelerate responsiveness to identified threats. Embedding this capability into established processes gives operations and security teams a shared understanding of their security posture and automates critical remediation tasks to eliminate inefficient cross-functional handoffs.

“Vulnerabilities continue to increase, with around 40,000 known vulnerabilities in 2024. Because of this explosion in vulnerabilities, the mean time to remediate continues to increase, leaving companies extremely vulnerable to attacks. Enterprises must combat this by integrating security with infrastructure automation to shorten the vulnerability remediation cycle,” said Tzvika Shahaf,Vp of Product Management at Perforce. “Our new release empowers organizations to unlock a collaborative DevSecOps environment by shrinking the opportunity window for attackers. In future Puppet releases, the pace will quicken further with human-in-the-loop, AI-driven automation.”

Puppet enables the platform team to support security initiatives to improve resiliency and reduce the MTTR (Mean Time to Remediate). Lowering risk, improving efficiency, and reducing cost is accomplished by providing:

• Remediation of known vulnerabilities is streamlined by integration with leading security scanners. Tenable Nessus is included out-of-the box and other popular scanners are available via an extensible architecture and open API framework. Self-service workflows and cross-functional visibility break down siloes to eliminate efficiency bottlenecks and accelerate resolution.
• Patching workflows are managed directly in Puppet and benefit from an intuitive GUI interface. Support for maintenance and blackout windows ensures less business interruption while dynamic patching groups provide the operational efficiency necessary when managing extensive hybrid estates.
• Desired state enforcement ensures configurations remain continuously aligned with security policies. Remediation is automatic when discrepancies are identified along with the generation of documentation needed by auditors.
• Automatic alignment with popular security baselines via pre-built, reusable policy as code (PaC) modules, ensuring the latest best practices are always being applied.