Puppet Security Compliance Management (SCM) | Release Announcement v3.8.0
Puppet Product Updates
Security Compliance Management v3.8.0 is now available!
Security Compliance Management (SCM), included with Puppet Enterprise and Puppet Enterprise Advanced, helps teams assess, report on, and maintain secure system configurations against CIS Benchmarks, giving you a consistent and evidence-based view of compliance posture.
This release is focused on helping you run your compliance program with less manual effort and lower operational risk while staying aligned to current benchmark content. We recommend upgrading to SCM 3.8.0 before 21 June 2026. The CIS Assessor license included in SCM 3.7.1 expires on that date, and upgrading keeps your scans evaluating without interruption. Please reach out to Puppet Support for queries or support.
What this means for you
-
Keep scans running without disruption
Refresh your CIS-CAT® Pro Assessor license without waiting for a full upgrade, helping ensure scans continue evaluating against current benchmark content when upgrade timing does not align. -
Reduce manual intervention and operational friction
Resolve common issues such as stuck scans directly within the product, eliminating the need for manual fixes and helping keep your environment clean and performant. -
Improve reliability of compliance assessments
Greater control over scan behavior and better handling of long-running jobs help improve the consistency and completeness of results. -
A smoother day to day experience
Performance improvements make the console more responsive and dependable during regular use. -
Stay aligned to current standards
Updated benchmark content ensures your compliance assessments reflect the latest available CIS guidance.
Built for a more secure and resilient foundation
This release also strengthens core platform components and reduces exposure to known risks, helping keep your deployment current and resilient.
This e-mail may contain information that is privileged or confidential. If you are not the intended recipient, please delete the e-mail and any attachments and notify us immediately.