If you’re lucky enough to be using both CloudPassage and Puppet in tandem, you know how much easier it is to both automate security for DevOps, while gaining better visibility into workloads. Meaning you can use CloudPassage’s workload protection to detect any vulnerabilities right when they happen, and then use Puppet’s configuration management to have better control over workloads when it comes time to remediate, which should always be as soon as possible!
We make a great team, which is why we joined the Puppet Technology Alliance Partner Program.
So if your organization was one of the many impacted by WannaCry, you would be able to use CloudPassage Halo to effectively detect which servers are vulnerable to such an attack, and which have been compromised. This information is then used by Puppet to update and remediate those servers by upgrading the SMB package to the latest version.
It’s all based on the REST API that Halo provides, (which we might add is extremely easy to integrate with). To begin, all you need to do is:
The workflow here is simple and something that should be taken advantage of.
WannaCry, and breaches like it, can quickly be dealt with with the right tools to know where you’re vulnerable and how to quickly respond when new vulnerabilities are found. Always make sure that your software has been updated, and use tools like CloudPassage Halo and Puppet to automate as many of your security process as possible, fixing as you go rather than at the end of the month, or year.