Puppet builds project and vulnerability assessment tools for devops

The beta tools are designed to help assess devops results and automate security remediations

Puppet is developing applications to provide operational insights and vulnerability assessments for devops.

Devops insights tool

The Puppet Insights tool, which arose from Puppet’s June 2018 acquisition of data visualization company Reflect, is intended to measure the impacts of devops investments by aggregating and analyzing data across the tool chain, with visibility into the software delivery pipeline. Dashboards help identify the velocity, quality, and impact of software delivery teams and processes. Aspects such as software defect rates are measured in evaluating a software delivery project.

Now in private beta, Insights will work with source-control systems suchas GitHub and BitBucket, CI tools such as TravisCI, and with the Puppet Enterprise devops platform. There’s no firm release date, but the expectation is that it won’t ship until 2019. Future integrations are planned for the Jenkins CI/CD platform.

Security vulnerability remediation tool

Puppet’s planned security vulnerability remediation tool will link data gathered from vulnerability scanners such as Qualys and Tenable to the Puppet Discovery suite, for identifying IT resources. The tool will launch tasks to remediate vulnerabilities, allowing insights to lead to action. A private beta is due on October 23.