The Digital Operational Resilience Act (DORA) has already begun to reshape the financial landscape in the European Union and beyond. As of January 2025, EU financial entities and Information and Communication Technology (ICT) third-party providers must demonstrate robust operational resilience against ICT disruptions.

Today, I’m excited to share that Perforce Puppet has launched the first build of Puppet Core! Here’s why the inaugural release of this new product marks a huge step forward for Open Source Puppet users.

AI offers a world of promise for security teams, including potential for advanced threat detection, automated response capabilities, and enhanced data analysis for cybersecurity. But the same technology that supports cybersecurity teams can also be weaponized by threat actors — a true “Good vs. Evil", or “Jekyll and Hyde” scenario.

A patch management process lays out the steps associated with updating software and hardware. The typical patch management procedure includes things like prioritizing important patches, testing them, and eventually deploying them on an automated schedule — but with so many tools for managing patching in so many different kinds of setups, no two IT teams’ patch management processes look alike. What does your patch management process look like?

Patching on Windows operating systems can be a very complicated process. The frequency, size, and proprietary tools used for Windows patching can make patch management a challenge on Windows — but it’s essential for maintaining secure, compliant, efficient Windows and multi-OS environments. In this blog, we’ll run through the basics of Windows patching, the particulars that can make it a hassle, and offer some tips for tackling those headache-inducing hangups.

For financial institutions across the EU, and for organisations that do business with these institutions, Digital Operational Resilience Act (DORA) compliance is no longer a “nice to have” — it’s mandatory. No matter how you’re currently meeting and maintaining compliance with the DORA regulation, automation can improve efficiency and effectiveness of the controls you use to stay DORA-compliant.

If you moved to the cloud hoping for cost savings and scalability only to find that your cloud costs are ballooning, your cloud performance isn’t up to snuff, or you’re always struggling to align compliance regulations with your cloud deployment, it might be time to look into cloud repatriation as an alternative to public cloud infrastructure. Moving anything from public cloud to private cloud or on-prem infrastructure this year?

CMMC requirements have been shifting recently, with a new version of the Cybersecurity Maturity Model Certification (CMMC 2.0) and distinct levels requiring distinct controls. Mandatory for practically any organization doing business with the US Department of Defense (DoD), CMMC is unavoidable all along the DoD’s supply chain.

We’re always rolling out new ways to make Puppet easier to use and maintain so you can run better infrastructure, ditch toil, save time, and increase ROI — fast. This guide will help you with a few need-to-know time saving tricks that can make starting with Puppet, or continuing to manage Puppet, easier and speedier.

2025 will continue the theme of powerful business and technological transformation under a never-ending barrage of cyber threats that are spawning faster and evolving in more complex ways than ever. To ward off an increasingly sophisticated community of threat actors, we’ll need to innovate faster than the speed of the threat landscape — but how?