This module integrates vulnerability scanning into Puppet and the Puppet workflow. The vulnerability scanning engine is built upon the grype
. Once installed, the module will scan your system for vulnerabilities and report all vulnerabilities as Puppet facts.
The facts are uploaded to the Puppetdb, and here, you can use these facts to see how your entire fleet of systems is doing vulnerability-wise.
The module also contains several convenience functions to let Puppet d something when it has detected one or more vulnerabilities. This ensures that it is not only a scanning/detection system but also actively enforces the security of your systems.
Our modules are based on an annual subscription(an entitlement). When you purchase an entitlement:
- you are allowed to use the module on the named nodes you purchased the subscription for;
- you get full support on usage and any issues you have;
- we will guide you towards a working setup;
- Are allowed to use the latest and greatest version without any extra charge.
We will make sure the modules keep working with the latest versions of Puppet en the supporting products like Oracle IBM MQ or WebLogic.
We currently have the following licensing methods for you:
1) Free when used on VirtualBox
2) Per node per year subscription
3) Custom licensing
1. Free when used on VirtualBox
This module is Free when used on a VirtualBox testing machine. The software checks if you are using VirtualBox and allows usage. No need to get any licenses from us to get going. Just download the module from our own forge and get going. To download the module use:
puppet module install
--module_repository=http://forge.enterprisemodules.com
enterprisemodules-modulename
2. Per node per year subscription
Our basic licensing model requires a subscription per node. The subscription is valid for a year. To make this work, we need you to send us the node name of the system you want to use the module on. (Not the puppetmaster, but the system where the agent is running.). Based on this information we will send you a file containing the entitlement for your node(s). You can purchase the entitlement in the shop or you can contact us. After you have ordered this module, you will receive an entitlement file. This file contains the information needed to run the software on your Puppet machine (agents).
3. Custom licensing
Our license manager is very flexible. If you have special requirements, please contact us so we can discuss other options.
When you have questions about licensing, please contact us or check our licensing FAQ
The vulnerability
module requires:
- Puppet version 5.0 or higher. Can be Puppet Enterprise or Puppet Open Source
- A valid entitlement for usage.
- Runs on most Linux and Windows systems.