2016 PuppetConf Talk
At PuppetConf 2016 I gave a talk titled “Puppet as Security Tooling” where I talked about how Puppet can be useful to a security team and to increase the security of your systems, not just do Ops configuration. Video online at YouTube and the abstract is below. If something happens to the YouTube video, I’ve got a copy and would be happy to share it.
As a Puppet user, you know the value of Puppet for configuration management, deployment, and delivery of your applications. What you may not know is that it is also a powerful tool for securing your environment and for meeting your compliance and auditing needs. In this session you’ll see how Puppet can provide policy enforcement, help monitor compliance requirements, and help with fast response to security issues. I’ll speak about my experience running a small security program using Puppet and provide you guidance about where to look to make wins for your organization.