Welcome to Security Compliance Management (SCM)

Security Compliance Management (SCM) is a tool that assesses the infrastructure you manage with Puppet Enterprise® against CIS Benchmarks — the best practices from the Center for Internet Security (CIS) for securely configuring systems.

Using Security Compliance Management, you can:

  • Run scans to check the compliance of your infrastructure against CIS Benchmarks on up to 100,000 nodes.
  • Set your desired compliance — a default benchmark and profile that you want your scans to be measured against.
  • Customize profiles to specify which rules you want visible in scan reports.
  • Identify the cause and source of compliance failures, and determine what configuration changes must be made to which systems.

Security Compliance Management uses Puppet Enterprise (PE) to retrieve node and fact information. After you install Security Compliance Management, you must configure it to integrate with Puppet Enterprise.

If this is your first time using Security Compliance Management, try out our Beginner’s guide to Security Compliance Management (SCM).

Important: Before you use the product and its documentation, review the Copyright and trademark notices.

Security Compliance Management docs links

Learn the basics:
  • SCM overview
  • SCM terminology
  • Beginner’s guide to SCM
  • Release notes

Install and configure Security Compliance Management:
  • System requirements
  • Set up SCM

Run and manage CIS scans:
  • Run scans and review reports
  • Set desired compliance
  • Create a custom profile
  • View scan results

Other useful places

Security Compliance Management videos:
  • SCM introduction and demo

Related Puppet products:
  • Puppet Enterprise
  • Puppet Forge

Get help:
  • Support portal