DevOps is the new way of working in the IT world, bringing developers and the operations teams together to make for faster, smarter application development that is constantly evolving. It breaks the waterfall method of ‘throwing it over the wall’ to a model where hundreds of iterations can happen each and every day. Just take Trainline CIO Mark Holt, who said his team produced 12,000 product releases last year, or Transport Systems Catapult CIO Alex Farr who has formed a virtual DevOps team at the organisation’s innovation centre to make for more intelligent mobility.
The benefits are clear; in the 2017 State of DevOps Report from Puppet and the DevOps Research and Assessment Group (DORA), they found that high performing organisations that effectively utilize DevOps principles achieve:
- 46x more frequent software deployments than their competitors.
- 96x faster recovery from failures.
- 440x faster lead time for changes.
- Higher levels of customer satisfaction and operational efficiency.
However, what is less well known is that DevOps practices can actually improve information security, news to some people who, in the early days, thought DevOps meant less security, more openness and thus more room for vulnerabilities.
In this audio webcast, we target IT managers+ but speak in business terms around the issue of using a DevOps model to improve your security posture.
We discuss how DevOps can help with remediation, moving away from manual fixes. This level of automation can help security and IT teams work together to make remediation faster, and easier to understand.
For example, one Puppet customer has to scan through 40,000 lines on an Excel sheet to remediate an issue, while another receives a 300-page pdf. Through Puppet, they can see, scan and report security issues and all through an easy dashboard that can leveraged by different stakeholders at the same time. It’s automated a simple and easy process, which saves your time and energy so you can focus on what’s really important.
By working with Puppet, CIOs and IT teams get DevOps experience and scale as well as integration with leading vulnerability managers like Qualys and Tenable and Rapid7. Through Puppet Enterprise, customers can automate configuration management and much more. It’s as close to 1 click as possible.
Puppet gives you constant real-time visibility into the state of your infrastructure. And because it's a key component of a robust DevOps toolchain, Puppet helps you incorporate security policy into your software right from the start. Furthermore, Puppet's accessible language and compatibility with a wide range of technologies enables better collaboration between all your teams: development, operations, security, networking and more. IT groups using Puppet and DevOps practices can spend dramatically less time on security issues, giving them more time to innovate and release software faster.
In partnership with: