SlideShare a Scribd company logo

Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps

Download as PPTX, PDF
C
Claire Priester Papas

Date held: Wednesday, 15 November 2017  It’s time for a new approach to securing DevOps. Puppet and CloudPassage have teamed up to bring you a solution that automates security and compliance in any infrastructure—at any scale—that eliminates the security bottleneck. Join us to learn how the Puppet module for CloudPassage Halo helps your security teams keep pace with the demands of the modern, agile enterprise.

Technology
1 of 22
Puppet presents “Talking Tech” A new webinar series featuring exciting technology solutions that are driving the industry forward Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps Date: Wednesday, 15 November
Shift Left: New approach to securing DevOps
Talking Tech: Puppet Webinar Series Presenters Tim Zonca Vice President Worldwide Marketing and Business Development Puppet Amit Gupta Vice President Product Management CloudPassage
Talking Tech: Puppet Webinar Series ● DevOps and security: a Puppet perspective ● Automating security with Puppet and CloudPassage What we’re talking about Agenda
Everyone is transforming to deliver great customer experiences through software
Talking Tech: Puppet Webinar Series Evolution of DevOps Speed Quality Security
Talking Tech: Puppet Webinar Series DevOps done right delivers results
Talking Tech: Puppet Webinar Series Different teams. Different needs. Model desired state Continual enforcement
Talking Tech: Puppet Webinar Series Benefits of integrating security early and often
Talking Tech: Puppet Webinar Series CloudPassage and Puppet Automated Security for Agile Enterprise Meets the DevOps Leader
Talking Tech: Puppet Webinar Series End-to-end, automated security with Puppet and CloudPassage
Talking Tech: Puppet Webinar Series Traditional security tools don’t work in the cloud Source: Holger Schulze, Cloud Security Spotlight Report / March 2017 Q
Talking Tech: Puppet Webinar Series Five critical attributes for modern IT security Visibility 2 Speed 1 Integration 4 Portability 3 Scale 5
Talking Tech: Puppet Webinar Series Key challenges for modern enterprise Ops teams Identifying configuratio n drift in deployed workloads in real-time Running security checks at the end of the dev cycle -slow & expensive Integrating security with automated CI/CD & IT service delivery tools Lacking a single security solution for workloads & containers Applying security checks & controls in highly elastic environments Visibility 2 Speed 1 Integration 4 Portability 3 Scale 5 Goal Rapidly deliver and maintain innovative, reliable, & secure apps & systems to drive growth
Workload security and compliance automation from development to deployment, across clouds and data centers, servers and containers – at DevOps speed & scale CloudPassage Halo Deliver frictionless security
Talking Tech: Puppet Webinar Series Security at the speed of the modern enterprise
Talking Tech: Puppet Webinar Series Orchestrating security & compliance with CloudPassage and Puppet
Talking Tech: Puppet Webinar Series Example: Automated installation and policy assignment 100100 110111 0 000100 110101 1 POLICY - Firewall - Config - Accounts Tag ABC D 1001 0 8927 Halo agent with tag Policy Telemetry 1 2 3 Amazon EC2 Amazon EC2
Talking Tech: Puppet Webinar Series Example: Fast feedback to developer Amazon EC2
Talking Tech: Puppet Webinar Series Example: Automated closed-loop remediation Vulnerability Remediation Integrated Manager 1 2 3 Amazon EC2 4
Talking Tech: Puppet Webinar Series Solving problems together Puppet automates deployment PE + CloudPassage SolutionChallenge Security tools are friction Built for dynamic cloud environments High cost of disparate point products Multi-environment, containers, VMs Manual updates needed to ensure security and compliance Automatically remediate any changes to security and compliance policies Security tools require maintenance
Q&A Resources: Install CloudPassage Halo agent: https://forge.puppet.com/cloudpassage Read our solution brief: https://puppet.com/resources/solution-brief/puppet-and-cloudpassage-agile-security-demand

Recommended

Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart wayEficode
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
Painless DevSecOps: Building Security Into Your DevOps Pipeline
Painless DevSecOps: Building Security Into Your DevOps PipelinePainless DevSecOps: Building Security Into Your DevOps Pipeline
Painless DevSecOps: Building Security Into Your DevOps PipelineTasktop
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 

Recommended

Secure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart waySecure your Azure and DevOps in a smart way
Secure your Azure and DevOps in a smart wayEficode
 
DevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingDevOps & DevSecOps in Swiss Banking
DevOps & DevSecOps in Swiss BankingAarno Aukia
 
Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & Security Microsoft DevOps Forum 2021 – DevOps & Security
Microsoft DevOps Forum 2021 – DevOps & SecurityNico Meisenzahl
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
Painless DevSecOps: Building Security Into Your DevOps Pipeline
Painless DevSecOps: Building Security Into Your DevOps PipelinePainless DevSecOps: Building Security Into Your DevOps Pipeline
Painless DevSecOps: Building Security Into Your DevOps PipelineTasktop
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the EnterprisePuppet
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsWhiteSource
 
Devops
DevopsDevops
Devopspenetration Tester
 
Open Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure CultureOpen Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure CultureWhiteSource
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018Larry Eichenbaum
 
DevOps Masterclass Bundle
DevOps Masterclass BundleDevOps Masterclass Bundle
DevOps Masterclass BundleJohn Alex
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOpsFinto Thomas , CISSP, TOGAF, CCSP, ITIL. JNCIS
 
Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019Codemotion
 
How to choose tools for DevOps
How to choose tools for DevOpsHow to choose tools for DevOps
How to choose tools for DevOpsMatthew Skelton
 
10 things to get right for successful dev secops
10 things to get right for successful dev secops10 things to get right for successful dev secops
10 things to get right for successful dev secopsMohammed Ahmed
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
DevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essentialDevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essentialMartin Croker
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101Narudom Roongsiriwong, CISSP
 
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybMaking Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybSeniorStoryteller
 
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome ThemBarriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome ThemWhiteSource
 
Enterprise DevOps
Enterprise DevOpsEnterprise DevOps
Enterprise DevOpsMicrosoft Visual Studio
 
ScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team ServicesScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team ServicesMartin Hinshelwood
 
Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...Claire Priester Papas
 
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...Claire Priester Papas
 

More Related Content

What's hot

3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the EnterprisePuppet
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsWhiteSource
 
Open Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure CultureOpen Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure CultureWhiteSource
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018Larry Eichenbaum
 
DevOps Masterclass Bundle
DevOps Masterclass BundleDevOps Masterclass Bundle
DevOps Masterclass BundleJohn Alex
 
Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019Codemotion
 
How to choose tools for DevOps
How to choose tools for DevOpsHow to choose tools for DevOps
How to choose tools for DevOpsMatthew Skelton
 
10 things to get right for successful dev secops
10 things to get right for successful dev secops10 things to get right for successful dev secops
10 things to get right for successful dev secopsMohammed Ahmed
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Mohammed A. Imran
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
DevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essentialDevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essentialMartin Croker
 
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybMaking Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybSeniorStoryteller
 
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome ThemBarriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome ThemWhiteSource
 
ScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team ServicesScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team ServicesMartin Hinshelwood
 

What's hot (20)

3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise3 Steps to Expand DevOps and Automation Throughout the Enterprise
3 Steps to Expand DevOps and Automation Throughout the Enterprise
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?
 
The Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOpsThe Challenges of Scaling DevSecOps
The Challenges of Scaling DevSecOps
 
Devops
DevopsDevops
Devops
 
Open Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure CultureOpen Source Security: How to Lay the Groundwork for a Secure Culture
Open Source Security: How to Lay the Groundwork for a Secure Culture
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps Automated
 
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
Chef Automating Everything-AWS-PubSec-SAO-WashDC_2018
 
DevOps Masterclass Bundle
DevOps Masterclass BundleDevOps Masterclass Bundle
DevOps Masterclass Bundle
 
Benefits of DevSecOps
Benefits of DevSecOpsBenefits of DevSecOps
Benefits of DevSecOps
 
Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019Kim van Wilgen - Continuous security - Codemotion Rome 2019
Kim van Wilgen - Continuous security - Codemotion Rome 2019
 
How to choose tools for DevOps
How to choose tools for DevOpsHow to choose tools for DevOps
How to choose tools for DevOps
 
10 things to get right for successful dev secops
10 things to get right for successful dev secops10 things to get right for successful dev secops
10 things to get right for successful dev secops
 
Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1Practical DevSecOps Course - Part 1
Practical DevSecOps Course - Part 1
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approach
 
DevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essentialDevOps - Why 50 deploys per day is essential
DevOps - Why 50 deploys per day is essential
 
DevSecOps 101
DevSecOps 101DevSecOps 101
DevSecOps 101
 
Making Security Agile - Oleg Gryb
Making Security Agile - Oleg GrybMaking Security Agile - Oleg Gryb
Making Security Agile - Oleg Gryb
 
Barriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome ThemBarriers to Container Security and How to Overcome Them
Barriers to Container Security and How to Overcome Them
 
Enterprise DevOps
Enterprise DevOpsEnterprise DevOps
Enterprise DevOps
 
ScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team ServicesScrumPulse Scaling Professional Scrum with Visual Studio Team Services
ScrumPulse Scaling Professional Scrum with Visual Studio Team Services
 

Similar to Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps

Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...Claire Priester Papas
 
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...Claire Priester Papas
 
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD Puppet
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseJames Wickett
 
Intro to Puppet Enterprise 06.28.2017
Intro to Puppet Enterprise 06.28.2017Intro to Puppet Enterprise 06.28.2017
Intro to Puppet Enterprise 06.28.2017Puppet
 
Intro to Puppet Enterprise for a Windows Environment - 08.23
Intro to Puppet Enterprise for a Windows Environment - 08.23Intro to Puppet Enterprise for a Windows Environment - 08.23
Intro to Puppet Enterprise for a Windows Environment - 08.23Puppet
 
Introduction to Puppet Enterprise
Introduction to Puppet Enterprise Introduction to Puppet Enterprise
Introduction to Puppet Enterprise Puppet
 
Microsoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureMicrosoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureDavide Benvegnù
 
Intro to Puppet Enterprise Webinar 07.27.2017
Intro to Puppet Enterprise Webinar 07.27.2017Intro to Puppet Enterprise Webinar 07.27.2017
Intro to Puppet Enterprise Webinar 07.27.2017Claire Priester Papas
 
we45 SecDevOps Presentation - ISACA Chennai
we45 SecDevOps Presentation - ISACA Chennaiwe45 SecDevOps Presentation - ISACA Chennai
we45 SecDevOps Presentation - ISACA ChennaiAbhay Bhargav
 
Devops Engineer E-Degree In Just 3 Months
Devops Engineer E-Degree In Just 3 MonthsDevops Engineer E-Degree In Just 3 Months
Devops Engineer E-Degree In Just 3 MonthsJohn Alex
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseGlobal Online Trainings
 
DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020Cyber-Duck
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessMohammed A. Imran
 
Puppet plugin for vRealize Automation (vRA)
Puppet plugin for vRealize Automation (vRA)Puppet plugin for vRealize Automation (vRA)
Puppet plugin for vRealize Automation (vRA)Puppet
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSEric Smalling
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Weaveworks
 
DevOps 101 - Moving Fast with Confidence
DevOps 101 - Moving Fast with ConfidenceDevOps 101 - Moving Fast with Confidence
DevOps 101 - Moving Fast with ConfidenceNew Relic
 

Similar to Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps (20)

Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...Automate Cloud and Application Security Deployments with Barracuda and Puppet...
Automate Cloud and Application Security Deployments with Barracuda and Puppet...
 
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
Delivering Infrastructure and Security Policy as Code with Puppet and CyberAr...
 
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD
Delivering Enterprise-Grade Cloud Automation with Puppet and AHEAD
 
DevOps for Defenders in the Enterprise
DevOps for Defenders in the EnterpriseDevOps for Defenders in the Enterprise
DevOps for Defenders in the Enterprise
 
Intro to Puppet Enterprise 06.28.2017
Intro to Puppet Enterprise 06.28.2017Intro to Puppet Enterprise 06.28.2017
Intro to Puppet Enterprise 06.28.2017
 
Intro to Puppet Enterprise for a Windows Environment - 08.23
Intro to Puppet Enterprise for a Windows Environment - 08.23Intro to Puppet Enterprise for a Windows Environment - 08.23
Intro to Puppet Enterprise for a Windows Environment - 08.23
 
Api gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a serviceApi gitlab: configurazione dei progetti as a service
Api gitlab: configurazione dei progetti as a service
 
Introduction to Puppet Enterprise
Introduction to Puppet Enterprise Introduction to Puppet Enterprise
Introduction to Puppet Enterprise
 
Microsoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and AzureMicrosoft Skills Bootcamp - The power of GitHub and Azure
Microsoft Skills Bootcamp - The power of GitHub and Azure
 
Intro to Puppet Enterprise Webinar 07.27.2017
Intro to Puppet Enterprise Webinar 07.27.2017Intro to Puppet Enterprise Webinar 07.27.2017
Intro to Puppet Enterprise Webinar 07.27.2017
 
we45 SecDevOps Presentation - ISACA Chennai
we45 SecDevOps Presentation - ISACA Chennaiwe45 SecDevOps Presentation - ISACA Chennai
we45 SecDevOps Presentation - ISACA Chennai
 
Devops Engineer E-Degree In Just 3 Months
Devops Engineer E-Degree In Just 3 MonthsDevops Engineer E-Degree In Just 3 Months
Devops Engineer E-Degree In Just 3 Months
 
Checkpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online CourseCheckpoint Firewall Training | Checkpoint Firewall Online Course
Checkpoint Firewall Training | Checkpoint Firewall Online Course
 
DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020
 
Strengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or lessStrengthen and Scale Security for a dollar or less
Strengthen and Scale Security for a dollar or less
 
Puppet plugin for vRealize Automation (vRA)
Puppet plugin for vRealize Automation (vRA)Puppet plugin for vRealize Automation (vRA)
Puppet plugin for vRealize Automation (vRA)
 
AWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWSAWS live hack: Atlassian + Snyk OSS on AWS
AWS live hack: Atlassian + Snyk OSS on AWS
 
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
Securing Your App Deployments with Tunnels, OIDC, RBAC, and Progressive Deliv...
 
DevOps 101 - Moving Fast with Confidence
DevOps 101 - Moving Fast with ConfidenceDevOps 101 - Moving Fast with Confidence
DevOps 101 - Moving Fast with Confidence
 
Global DevOps BootCamp
Global DevOps BootCampGlobal DevOps BootCamp
Global DevOps BootCamp
 

More from Claire Priester Papas

Critical Considerations for Continuous Delivery 04.09.2018
Critical Considerations for Continuous Delivery 04.09.2018Critical Considerations for Continuous Delivery 04.09.2018
Critical Considerations for Continuous Delivery 04.09.2018Claire Priester Papas
 
Easily adapt Puppet Modules with PDK Convert 02/22/2018
Easily adapt Puppet Modules with PDK Convert 02/22/2018Easily adapt Puppet Modules with PDK Convert 02/22/2018
Easily adapt Puppet Modules with PDK Convert 02/22/2018Claire Priester Papas
 
Automation for the Modern Enterprise_26oct2017
Automation for the Modern Enterprise_26oct2017Automation for the Modern Enterprise_26oct2017
Automation for the Modern Enterprise_26oct2017Claire Priester Papas
 
Automation for the Modern Enterprise - 18 October 2017
Automation for the Modern Enterprise - 18 October 2017Automation for the Modern Enterprise - 18 October 2017
Automation for the Modern Enterprise - 18 October 2017Claire Priester Papas
 
Key Findings from the 2017 State of DevOps Report 06.08.2017
Key Findings from the 2017 State of DevOps Report 06.08.2017Key Findings from the 2017 State of DevOps Report 06.08.2017
Key Findings from the 2017 State of DevOps Report 06.08.2017Claire Priester Papas
 
Intro to Puppet Enterprise 05.18.2017
Intro to Puppet Enterprise 05.18.2017Intro to Puppet Enterprise 05.18.2017
Intro to Puppet Enterprise 05.18.2017Claire Priester Papas
 

More from Claire Priester Papas (7)

Critical Considerations for Continuous Delivery 04.09.2018
Critical Considerations for Continuous Delivery 04.09.2018Critical Considerations for Continuous Delivery 04.09.2018
Critical Considerations for Continuous Delivery 04.09.2018
 
Easily adapt Puppet Modules with PDK Convert 02/22/2018
Easily adapt Puppet Modules with PDK Convert 02/22/2018Easily adapt Puppet Modules with PDK Convert 02/22/2018
Easily adapt Puppet Modules with PDK Convert 02/22/2018
 
Automation for the Modern Enterprise_26oct2017
Automation for the Modern Enterprise_26oct2017Automation for the Modern Enterprise_26oct2017
Automation for the Modern Enterprise_26oct2017
 
Automation for the Modern Enterprise - 18 October 2017
Automation for the Modern Enterprise - 18 October 2017Automation for the Modern Enterprise - 18 October 2017
Automation for the Modern Enterprise - 18 October 2017
 
Apple IT Managing Containers
Apple IT Managing Containers Apple IT Managing Containers
Apple IT Managing Containers
 
Key Findings from the 2017 State of DevOps Report 06.08.2017
Key Findings from the 2017 State of DevOps Report 06.08.2017Key Findings from the 2017 State of DevOps Report 06.08.2017
Key Findings from the 2017 State of DevOps Report 06.08.2017
 
Intro to Puppet Enterprise 05.18.2017
Intro to Puppet Enterprise 05.18.2017Intro to Puppet Enterprise 05.18.2017
Intro to Puppet Enterprise 05.18.2017
 

Recently uploaded

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?Antenna Manufacturer Coco
 

Recently uploaded (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 

Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps

  • 1. Puppet presents “Talking Tech” A new webinar series featuring exciting technology solutions that are driving the industry forward Shift Left: Puppet + CloudPassage = New Approach to Securing DevOps Date: Wednesday, 15 November
  • 2. Shift Left: New approach to securing DevOps
  • 3. Talking Tech: Puppet Webinar Series Presenters Tim Zonca Vice President Worldwide Marketing and Business Development Puppet Amit Gupta Vice President Product Management CloudPassage
  • 4. Talking Tech: Puppet Webinar Series ● DevOps and security: a Puppet perspective ● Automating security with Puppet and CloudPassage What we’re talking about Agenda
  • 5. Everyone is transforming to deliver great customer experiences through software
  • 6. Talking Tech: Puppet Webinar Series Evolution of DevOps Speed Quality Security
  • 7. Talking Tech: Puppet Webinar Series DevOps done right delivers results
  • 8. Talking Tech: Puppet Webinar Series Different teams. Different needs. Model desired state Continual enforcement
  • 9. Talking Tech: Puppet Webinar Series Benefits of integrating security early and often
  • 10. Talking Tech: Puppet Webinar Series CloudPassage and Puppet Automated Security for Agile Enterprise Meets the DevOps Leader
  • 11. Talking Tech: Puppet Webinar Series End-to-end, automated security with Puppet and CloudPassage
  • 12. Talking Tech: Puppet Webinar Series Traditional security tools don’t work in the cloud Source: Holger Schulze, Cloud Security Spotlight Report / March 2017 Q
  • 13. Talking Tech: Puppet Webinar Series Five critical attributes for modern IT security Visibility 2 Speed 1 Integration 4 Portability 3 Scale 5
  • 14. Talking Tech: Puppet Webinar Series Key challenges for modern enterprise Ops teams Identifying configuratio n drift in deployed workloads in real-time Running security checks at the end of the dev cycle -slow & expensive Integrating security with automated CI/CD & IT service delivery tools Lacking a single security solution for workloads & containers Applying security checks & controls in highly elastic environments Visibility 2 Speed 1 Integration 4 Portability 3 Scale 5 Goal Rapidly deliver and maintain innovative, reliable, & secure apps & systems to drive growth
  • 15. Workload security and compliance automation from development to deployment, across clouds and data centers, servers and containers – at DevOps speed & scale CloudPassage Halo Deliver frictionless security
  • 16. Talking Tech: Puppet Webinar Series Security at the speed of the modern enterprise
  • 17. Talking Tech: Puppet Webinar Series Orchestrating security & compliance with CloudPassage and Puppet
  • 18. Talking Tech: Puppet Webinar Series Example: Automated installation and policy assignment 100100 110111 0 000100 110101 1 POLICY - Firewall - Config - Accounts Tag ABC D 1001 0 8927 Halo agent with tag Policy Telemetry 1 2 3 Amazon EC2 Amazon EC2
  • 19. Talking Tech: Puppet Webinar Series Example: Fast feedback to developer Amazon EC2
  • 20. Talking Tech: Puppet Webinar Series Example: Automated closed-loop remediation Vulnerability Remediation Integrated Manager 1 2 3 Amazon EC2 4
  • 21. Talking Tech: Puppet Webinar Series Solving problems together Puppet automates deployment PE + CloudPassage SolutionChallenge Security tools are friction Built for dynamic cloud environments High cost of disparate point products Multi-environment, containers, VMs Manual updates needed to ensure security and compliance Automatically remediate any changes to security and compliance policies Security tools require maintenance
  • 22. Q&A Resources: Install CloudPassage Halo agent: https://forge.puppet.com/cloudpassage Read our solution brief: https://puppet.com/resources/solution-brief/puppet-and-cloudpassage-agile-security-demand