Pulling the Strings

After several decades of use, should we consider open source software (OSS) a business model? In short: No! In this conversation, open source evangelist Javier Perez welcomes technology evangelist and CNCF ambassador Dotan Horovits to provide context for the biggest changes happening in OSS, discuss what a sustainable future looks like for open source, and explain what to do when companies choose to go not-so-open with their source code.
Highlights:
Why open source shouldn’t be considered a business model
The “disturbing trend” in OSS and why “nothing is written in stone” when it comes to open source
How tools can differentiate themselves from the ‘open source-ness' of their projects
Speakers:
Javier Perez, Open Source Evangelist
Dotan Horovits, Cloud Native Ambassador at the Cloud Native Computing Foundation (CNCF) and host of the OpenObservability Talks podcast
Links:
Get the new State of Open Source Report from OpenLogic
Find Dotan on LinkedIn and Twitter
Read Dotan’s articles on ‘vendor-owned open source’ and ‘When Your Open Source Turns to the Dark Side’
Read Javier’s articles on the State of Open Source in 2024 and concerns over the future of open source
Listen to OpenObservability Talks on YouTube and wherever you get podcasts
Find Us Online:
puppet.com
Apple Podcasts
Twitter
LinkedIn

When Sean Atkinson says that “We’re on a trajectory to have the most vulnerabilities ever identified in a single year, starting this year,” take note: As Chief Information Security Officer for the Center for Internet Security, he knows what he’s talking about.
He’s referring to the ever-increasing tide of weaknesses and flaws that undermine the security of software used every single day by teams around the world. Between a more active threat landscape, demands for development velocity, and the rise of generative AI, the cat in this proverbial game of cat-and-mouse has their work cut out for them.
In this conversation, Robin Tatam, Puppet’s Evangelist and Certified Information Security Manager, talks with Sean about the role of a CISO, what’s behind the unprecedented rise in vulnerabilities, and how smart integrations turn automation into a first-line defense against threats, misconfiguration, errors, and software vulnerabilities.
Highlights:
What a CISO actually does versus a CIO or a CTO 
The difference between “security” and “compliance” 
How compliance helps build the backbone of a long-term security posture 
Who really owns IT security and where IT operations fits into the security conversation 
What CIS Benchmarks are, what they do, and how CIS “wizards” keep them up-to-date on the latest vulnerabilities 
How Puppet’s partnership with CIS puts the power of automation behind CIS’s widely recognized frameworks
Speakers:
Robin Tatam, Senior Technical Marketer and Evangelist, Puppet by Perforce
Sean Atkinson, Chief Information Security Officer, Center for Internet Security
Links:
Learn more about Security Compliance Enforcement, a premium feature for Open Source Puppet and Puppet Enterprise that automates secure configurations hardened against CIS Benchmarks and DISA STIGs
Listen to Sean’s podcast with CIS, “Cybersecurity Where You Are,” wherever you get podcasts
Find Us Online:
puppet.com
Apple Podcasts
Twitter
LinkedIn

It’s all good news, we promise! The Forge has always been the go-to spot for Puppet users to find, download, and update content and modules. On this episode, we're revealing a few of the exciting changes that are going to make the Forge even easier and more valuable for all Puppet users, like personalization, filters, and features to track module versions and updates against your Puppet file.
As of today, there are 7,508 modules on the Puppet Forge – some active, some deprecated, some created and supported by Puppet Labs, some by community groups like Vox Pupuli. While it’s become a hub for all Puppet users, we've heard feedback on ways it could be even better. We see a brighter future for the Forge – one built for and shaped by users like you! Join Ben Ford as he talks to Forge Product Manager Saurabh Karwa about what the Forge is today, the subtle changes that are already in the works, the near-term roadmap, and the long-term vision for the Forge.
Speakers:
Ben Ford, Community Lead at Puppet by Perforce
Saurabh Karwa, Product Manager at Puppet by Perforce
Highlights:
Introducing Saurabh, the Product Manager for the Puppet Forge
What the Forge is today and what it needs to become THE place for Puppet users
The role of the Puppet Community in shaping the future of the Forge
Adding personalization, new filters, and features to track module versions and updates
Why you should join our new Ecosystem Advisory Board
Links:
Join the Puppet Community Slack
Tell us what you think of the Forge and PDK with the Ecosystem Advisory Board survey
Email Saurabh at [email protected]

The 2024 State of DevOps Report: The Evolution of Platform Engineering is live! In this episode, we’re taking you behind the scenes with the authors of the report and one of the people who helped run the survey.
Download the 2024 report for free here!
On this episode, join us as host Ben Ford, report authors Margaret Lee and David Sandilands, and project manager Stephanie Fairchild pull back the curtain on the 2024 State of DevOps Report.
What are the characteristics of successful platforms? Why is the new practice driving a surge in security? Where is platform engineering going next? Learn more in this episode!
Highlights:
Why the State of DevOps Report pivoted to cover platform engineering last year
What we wanted to find out this year
The big takeaways from the 2024 report
Our predictions for the next year of platform engineering
Speakers:
Ben Ford, Community Lead at Puppet by Perforce
Margaret Lee, Manager of Product Management at Puppet by Perforce
David Sandilands, Principal Solutions Architect at Puppet by Perforce
Stephanie Fairchild, Senior Manager at ClearPath Strategies
Links:
Download the 2024 State of DevOps Report: The Evolution of Platform Engineering
Email Margaret at [email protected]
Find Ben on Mastodon, Twitter, and in the Puppet Community Slack as binford2k
Find David on Mastodon and Twitter
Check out another episode with Ben, Margaret, and David about how return-to-office plans are shaping platform strategies
Read the episode transcript
Find Us Online:
puppet.com
Apple Podcasts
Twitter
LinkedIn

Platform engineering is all about giving devs the tools they need to work independently. Work-from-home policies give people flexibility in where and how they work. It should be a match made in heaven, right? Well... it’s more complicated than that.
Research, feedback, and evangelizing are critical to building an internal developer platform (IDP). But WFH can make that communication tough. And that's before you’ve even considered compliance and security (ugh, the 2FA). A human-focused IT strategy was crucial in supporting a shift to remote work during the pandemic, and it's going to be equally as important as we shift to a platform paradigm.
In this roundtable discussion, Ben leads a roundtable discussion of how return-to-office plans can impact platform engineering, joined by Margaret Lee and David Sandilands, authors of Puppet's 2024 State of DevOps Report: Platform Engineering Edition.
Speakers:
Ben Ford, Community Lead at Puppet by Perforce
Margaret Lee, Manager of Product Management at Puppet by Perforce
David Sandilands, Senior Solutions Architect at Puppet by Perforce
Highlights:
The remote/in-office flexibility your platform needs to consider
Hardening measures essential to a secure IDP in the hybrid era
What we learned about accommodating a workforce during the pandemic
Evangelizing a platform without the in-person connection
Links:
Email Margaret at [email protected]
Find Ben on Mastodon, Twitter, and in the Puppet Community Slack as binford2k
David Sandilands on Twitter
Get the 2023 Platform Engineering Report and sign up to receive 2024’s when it releases
Read the episode transcript
Find Us Online:
puppet.com
Apple Podcasts
Twitter
LinkedIn