Comprehensive software reviews to make better IT decisions
Puppet Rolls Out Remediate
Puppet has rolled out Remediate. This release aligns with the ongoing consolidation between IT Operations and IT Security.
On August 21, 2019, IT automation vendor Puppet announced the release of its new tool, Remediate, focused on security vulnerability remediation.
Puppet Remediate brings together data from existing security tools that identify vulnerabilities, including Tenable, Qualys, and Rapid7. In doing so, Remediate bridges the gap between IT Ops and Security – which all too often interact via manual handoffs.
Remediate also allows for prioritization of vulnerabilities and helps take action to remediate vulnerabilities in an automated fashion.
Still from a Puppet Remediate training video. Source: Puppet.
Puppet’s launch of Remediate aligns with the trend toward integrating IT Ops and Security Operations.
Info-Tech has noted this trend in the vendor space, which may see some consolidation take place in the coming years. We also see this trend reflected in leading-edge organizations and how they are transforming their processes to break down silos between development, operations, and security.
DevSecOps is often easier said than done, however. Finding a combination of tools and processes that work for your organization will remain as challenging as ever.
Want to Know More?
Have you ever thought of what else you could do to take your security operations center (SOC) to the next level and focus on prevention? Look no further – external attack surface management (EASM) was a popular managed service and topic of discussion at Rivest–Shamir–Adleman (RSA) Conference 2023, named after a popular public-key cryptosystem.
Morpheus Leads the Shift from Cloud Management Platform to Hybrid Cloud Application Orchestration with Its 5.0 Release
The Morpheus cloud management platform (CMP) has moved beyond its original focus on DevOps automation and self-service. Morpheus provides a management control plane to enable users to deploy workloads anywhere. Such a control plane is the way of the future for managing complex enterprise technology stacks.
Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.
IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.
RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.
Cyberthreats are omnipresent for any enterprise. Monitoring ingress and egress points while still conducting business is a balance security professionals attempt to strike. Couple this with the continued security issues around remote work during the pandemic, and security teams have their hands full.
On May 26, Kenna Security released its new Prioritization to Prediction Benchmark Survey. This free tool provides organizations with the ability to compare their vulnerability management programs to industry averages Kenna Security has compiled over the years.
COVID-19 has changed a great deal about how businesses operate. From a security perspective, however, COVID-19 caught many businesses off guard. The shift from working in the office to working from home has made it difficult for security measures to keep pace. Specifically, how are businesses meant to maintain the same secure networks when their employees are no longer working in the office? Outside of the security of the IT departments, IT and security have a tough time ensuring that patching and vulnerability management remain at the forefront of a business’s priorities.
Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.