BlogContact SalesTry Puppet 
Search Puppet.com
Why Puppet

Puppet is the industry standard for IT automation.

Modernize, manage and bring your hybrid infrastructure into compliance through Puppet's powerful continuous automation.

Use Cases
Puppet Enterprise LogoGet Puppet Enterprise

First 10 nodes are free!

Products
Pricing & Packaging
Integrations
Puppet Compass Logo
Puppet Compass

Puppet Compass is your learning portal for tools and best practices to address common business challenges.

Professional services
Support
Open Source Puppet Assist
Your one-stop shop for exclusive tools to enhance your efficiency using Open Source Puppet.
Custom consulting services

Get up and running quickly with a custom solution that addresses your unique business goals and easily allows for growth as your needs evolve.

Puppet Forge

Find thousands of component modules built by the community and guidance on using them in your own infrastructure.

EcosystemOpen Source Projects
Community
Contribute
State of DevOps Report

Since launching our first DevOps survey in 2012, we’ve learned a lot about the power of DevOps to transform organizations.

Product Documentation
Resource library
Customers
Partners
Featured Partners
Servicenow Logo
Splunk Logo
Tenable Logo
Puppet Events
About Us

Puppet takes the risk out of change. We meet you where you are today and take you where you need to go.

CompanyWorking at Puppet
Press & news
Events
It's our community that makes Puppet great. Connect with Puppet users and employees.
homeuse casescontinuous compliance
hero Compliance updated

Continuous Compliance

Meet compliance and security standards automatically with policy as code
Whether you are one person managing hundreds of systems or a team managing thousands of systems, Puppet unifies your control and visibility across clouds and data centers to ensure compliance with regulatory frameworks, internal security policies, and even operational policies through policy as code.
Talk to an expert Learn more 
CandS Compliance updated

The Compliance and Security Challenges of the Operator Today

  • Inability to keep up with the ever-shifting security policies (including but not limited to regulatory compliance)
  • Inability to respond to configuration drift that requires immediate remediation when using commands, scripts, and playbooks.
  • Time-consuming, tedious, and expensive audit prep.
  • Manual security inspections of OS and middleware configuration that delay software deployments and creates poor developer experience
  • Lack of visibility into compliance status due to tool sprawl makes enforcement of compliance extremely complex and time-consuming.
CandS Compliance updated

The Benefits of Puppet Technologies for Compliance

Using self-enforcing Policy as Code, Puppet helps you efficiently bring new and existing compute resources into compliance, quickly update them as policies change, and easily demonstrate compliance to auditors.

Stop remediation fire-drills with continuous enforcement

With policy as code, simply describe the desired state for systems and watch the systems enforce themselves. Don’t worry about configuration drift.

Puppet keeps the environment consistent and in its intended state. Having a consistent environment puts a limit on the unknowns, which is good for our security posture as well.
Chris Vervais, Director, Site Reliability, Splunk

Streamline audits and get teams on the same page

Policy as code becomes a common language you can use to collaborate with security teams and has proven to be one the strongest pieces of evidence of infrastructure compliance for auditors around the globe. Stop sweating audits.

There is no proving anything, because [the internal audit team] has already looked in all of the code that underpins this. They know that if we say it's compliant, it's actually already compliant. So for us, that's removed a tremendous number of hours — I would say literally thousands of hours a year.
Nathan Kroenert, Enterprise Platform Senior Consultant, ANZ Bank

Improve developer experience with self-service compliant builds

Puppet’s robust APIs give you the flexibility to provide compliant build options in the appropriate interface for your DevOps teams. No more delayed software releases.

product web COMPLY Dashboard

Get a holistic view of compliance status with scanning and reporting

Through key integrations with the Center for Internet Security (CIS) and US Federal Frameworks, you can get an estate-level view of where your systems are compliant with the benchmark you choose.

product web COMPLY Dashboard

Get continuous compliance with Puppet

Learn more
ebook
How a Policy as Code Approach to Compliance Benefits Your Organization
ebook
Ebook: Fostering a Culture of Joint Accountability for IT, Security, and Compliance Across an Organization