After several decades of use, should we consider open source software (OSS) a business model? In short: No! In this conversation, open source evangelist Javier Perez welcomes technology evangelist and CNCF ambassador Dotan Horovits to provide context for the biggest changes happening in OSS, discuss what a sustainable future looks like for open source, and explain what to do when companies choose to go not-so-open with their source code.

Highlights:

• Why open source shouldn’t be considered a business model
• The “disturbing trend” in OSS and why “nothing is written in stone” when it comes to open source
• How tools can differentiate themselves from the ‘open source-ness' of their projects

Speakers:

• Javier Perez, Open Source Evangelist
• Dotan Horovits, Cloud Native Ambassador at the Cloud Native Computing Foundation (CNCF) and host of the OpenObservability Talks podcast

Links:

• Get the new State of Open Source Report from OpenLogic
• Find Dotan on LinkedIn and Twitter
• Read Dotan’s articles on ‘vendor-owned open source’ and ‘When Your Open Source Turns to the Dark Side’
• Read Javier’s articles on the State of Open Source in 2024 and concerns over the future of open source
• Listen to OpenObservability Talks on YouTube and wherever you get podcasts

Find Us Online:

• puppet.com
• Apple Podcasts
• Twitter
• LinkedIn

When Sean Atkinson says that “We’re on a trajectory to have the most vulnerabilities ever identified in a single year, starting this year,” take note: As Chief Information Security Officer for the Center for Internet Security, he knows what he’s talking about.

He’s referring to the ever-increasing tide of weaknesses and flaws that undermine the security of software used every single day by teams around the world. Between a more active threat landscape, demands for development velocity, and the rise of generative AI, the cat in this proverbial game of cat-and-mouse has their work cut out for them.

In this conversation, Robin Tatam, Puppet’s Evangelist and Certified Information Security Manager, talks with Sean about the role of a CISO, what’s behind the unprecedented rise in vulnerabilities, and how smart integrations turn automation into a first-line defense against threats, misconfiguration, errors, and software vulnerabilities.

Highlights:

• What a CISO actually does versus a CIO or a CTO
• The difference between “security” and “compliance”
• How compliance helps build the backbone of a long-term security posture
• Who really owns IT security and where IT operations fits into the security conversation
• What CIS Benchmarks are, what they do, and how CIS “wizards” keep them up-to-date on the latest vulnerabilities
• How Puppet’s partnership with CIS puts the power of automation behind CIS’s widely recognized frameworks

Speakers:

• Robin Tatam, Senior Technical Marketer and Evangelist, Puppet by Perforce
• Sean Atkinson, Chief Information Security Officer, Center for Internet Security

Links:

• Learn more about Security Compliance Enforcement, a premium feature for Open Source Puppet and Puppet Enterprise that automates secure configurations hardened against CIS Benchmarks and DISA STIGs
• Listen to Sean’s podcast with CIS, “Cybersecurity Where You Are,” wherever you get podcasts

Find Us Online:

• puppet.com
• Apple Podcasts
• Twitter
• LinkedIn

It’s all good news, we promise! The Forge has always been the go-to spot for Puppet users to find, download, and update content and modules. On this episode, we're revealing a few of the exciting changes that are going to make the Forge even easier and more valuable for all Puppet users, like personalization, filters, and features to track module versions and updates against your Puppet file.

As of today, there are 7,508 modules on the Puppet Forge – some active, some deprecated, some created and supported by Puppet Labs, some by community groups like Vox Pupuli. While it’s become a hub for all Puppet users, we've heard feedback on ways it could be even better. We see a brighter future for the Forge – one built for and shaped by users like you! Join Ben Ford as he talks to Forge Product Manager Saurabh Karwa about what the Forge is today, the subtle changes that are already in the works, the near-term roadmap, and the long-term vision for the Forge.

Speakers:

• Ben Ford, Community Lead at Puppet by Perforce
• Saurabh Karwa, Product Manager at Puppet by Perforce

Highlights:

• Introducing Saurabh, the Product Manager for the Puppet Forge
• What the Forge is today and what it needs to become THE place for Puppet users
• The role of the Puppet Community in shaping the future of the Forge
• Adding personalization, new filters, and features to track module versions and updates
• Why you should join our new Ecosystem Advisory Board

Links:

• Join the Puppet Community Slack
• Tell us what you think of the Forge and PDK with the Ecosystem Advisory Board survey
• Email Saurabh at skarwa@perforce.com