Here are the slides from Kathy Lee's PuppetConf 2016 presentation called Case Study: Puppets in the Government. Watch the videos at https://www.youtube.com/playlist?list=PLV86BgbREluVjwwt-9UL8u2Uy8xnzpIqa
2. DISA and STIGs
• DISA: Defense Information Systems Agency
• STIG: Security Technical Implementation Guide
• DISA publishes STIGS
• STIGs for everything!
2
3. Problems we hoped Puppet would fix
• Inconsistent configuration of Linux servers
• Failure in STIG compliance – at time of Puppet acquisition, we were
hovering around 30% compliance
3