Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Rudder: automate system security and configurat...

Avatar for Rudder Rudder
February 03, 2026
Programming
0
12

Rudder: automate system security and configuration with GUI, API and YAML

Rudder is an open source solution for managing system security and configuration, with a strong focus on continuous checks and compliance.

🎥 https://www.youtube.com/watch?v=u5kQYFqShrk
🧑 Nicolas Charles
📅 Config Management Camp 2026

With its GUI, it makes it easier for users to define security configurations and get feedback. Its API allows integration with most softwares that interact with your infrastructure.
This talk will present Rudder and its use cases, then focus on the new version, Rudder 9.0, and conclude with a demo of configuring and hardening new instances on AWS

Avatar for Rudder

Rudder

February 03, 2026
Tweet

More Decks by Rudder

See All by Rudder
The missing layer: security audit of configuration files
Avatar for Rudder rudder
0
9
Hausse des cybermenaces lors des JO : êtes-vous suffisamment protégé ?
Avatar for Rudder rudder
1
42
Adoptez une stratégie de patch management efficace adaptée à votre système d’information
Avatar for Rudder rudder
1
72
Comment sécuriser son SI pour ne plus subir les attaques ?
Avatar for Rudder rudder
1
74
Hardening systems: from a benchmark guide to meaningful compliance
Avatar for Rudder rudder
1
48
Implementing configuration management primitives in 2024
Avatar for Rudder rudder
1
39
Supply Chain Security in the Rust Ecosystem
Avatar for Rudder rudder
1
38
Securing the software supply chain for infra management software
Avatar for Rudder rudder
1
300
A journey from Configuration Management to Security of IT systems
Avatar for Rudder rudder
1
70

Other Decks in Programming

See All in Programming
コマンドとリード間の連携に対する脅威分析フレームワーク
Avatar for Aja9tochin pandayumi
1
450
LLM Observabilityによる 対話型音声AIアプリケーションの安定運用
Avatar for Hiroyuki Moriya gekko0114
2
420
CSC307 Lecture 08
Avatar for Javier Gonzalez-Sanchez javiergs
PRO
0
670
プロダクトオーナーから見たSOC2 _SOC2ゆるミートアップ#2
Avatar for Kenta Suzuki kekekenta
0
200
ぼくの開発環境2026
Avatar for yuzneri yuzneri
0
140
MDN Web Docs に日本語翻訳でコントリビュート
Avatar for uutan1108 ohmori_yusuke
0
640
そのAIレビュー、レビューしてますか? / Are you reviewing those AI reviews?
Avatar for r-kagaya rkaga
6
4.5k
AIエージェントのキホンから学ぶ「エージェンティックコーディング」実践入門
Avatar for Masahiro Nishimi masahiro_nishimi
5
340
Unicodeどうしてる? PHPから見たUnicode対応と他言語での対応についてのお伺い
Avatar for てきめん tekimen youkidearitai
PRO
1
1.1k
Package Management Learnings from Homebrew
Avatar for Mike McQuaid mikemcquaid
0
210
Honoを使ったリモートMCPサーバでAIツールとの連携を加速させる!
Avatar for とすり tosuri13
1
170
AIで開発はどれくらい加速したのか?AIエージェントによるコード生成を、現場の評価と研究開発の評価の両面からdeep diveしてみる
Avatar for どすこい daisuketakeda
1
970

Featured

See All Featured
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.3k
From π to Pie charts
Avatar for Rasagy Sharma rasagy
0
120
Into the Great Unknown - MozCon
Avatar for Noah Learner thekraken
40
2.2k
Ecommerce SEO: The Keys for Success Now & Beyond - #SERPConf2024
Avatar for Aleyda Solis aleyda
1
1.8k
Product Roadmaps are Hard
Avatar for C. Todd Lombardo iamctodd
PRO
55
12k
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
Avatar for Liv Day livdayseo
0
63
Code Reviewing Like a Champion
Avatar for maltzj maltzj
527
40k
Lightning talk: Run Django tests with GitHub Actions
Avatar for Sarah Abderemane sabderemane
0
110
Mobile First: as difficult as doing things right
Avatar for Swwweet swwweet
225
10k
ラッコキーワード サービス紹介資料
Avatar for ラッコ株式会社 rakko
1
2.2M
Reflections from 52 weeks, 52 projects
Avatar for Jefferson Lam jeffersonlam
356
21k
Navigating the moral maze — ethical principles for Al-driven product design
Avatar for Skipper Chong Warson skipperchong
2
240

Transcript

  1. Automate system security and configuration with GUI, API and YAML

  2. © 2025 Rudder. All right reserved. Rudder is a system

    infrastructure automation platform to ensure and improve security posture. Designed for ops to secure in-depth with proofs, it allows to implement and maintain your security model. 2 Security Configuration Management Audit and remediation of your hardening Patch & Vulnerability Management Proactive vulnerability remediation Policy & Benchmark Compliance Deployment and proof of compliance

  3. All rights reserved Product license Rudder has an open-core model

    GPLv3 - https://github.com/Normation/rudder • Most of it is free and open source (web interface, linux agent, binaries, API) with packages available for main distros • Some plugins, and older OS support are open source, without binaries freely available (won’t be in this presentation) • Some plugins are closed sources (won’t be in this presentation)

  4. All rights reserved How it works? In Rudder, we manage

    Nodes: A Node is a system with a rudder agent installed and registered to the Rudder server (it needs an operating system) Nodes are classified within Groups (dynamic queries on inventories)

  5. All rights reserved How it works? We define the desired

    states, in Audit or Enforce mode State definition is a lot like a playbook: • Don’t include targets • use agent native methods to inspect/modify the system

  6. All rights reserved How it works? We apply these states

    to the Groups using Rules (there can be as many groups and rules as necessary) The Agent compares these states with the actual status of the Nodes, optionally fixes, and reports the results. Rudder computes the compliance based on these results

  7. All rights reserved How it works?

  8. All rights reserved Why a GUI? Goal: onboard everyone and

    make it “easy” to share knowledge and information It’s not expected that everyone will become an expert of Rudder, infrastructure management, and compliance but can at least: • Have a look in the tool and understand what is going on • Check what’s being done • Collaborate with others based on their expertise knowledge • Onboard new members

  9. All rights reserved GUI Everything can be done within the

    GUI • Nodes management/Inventory/Grouping • Defining Techniques/Directives/Rules • Checking compliance • Rudder User management There are access rules • Access in read/write/nothing to pages

  10. All rights reserved API Everything can be done with the

    REST API • Avoid unnecessary clicks • Automate Rudder • Export/Import data from/to Rudder Acces rules apply also on the API

  11. All rights reserved YAML We are at the YAMLConf, right

    ? • Techniques are written in YAML (and/or the graphical editor) • In Git • Compiled by the Rudder server to be understood by the agent We developed the YAML syntax while writing CIS benchmarks - to ensure that the language is powerful enough to express everything

  12. Demo! A Rudder server in the cloud, with some hardening

    configurations. A new instance is created and is automatically configured. An API call to define some properties for this instance A website appears!

  13. All rights reserved Product Roadmap We release minor versions every

    6 months, and major ~ 2 years Rudder 9.0 was released in October 2025: • Focus on compliance (augeas module (in the next talk)) • Share data more easily (CSV export) • HTTPS protocol for client/server communication (used in SecNumCloud environment) • Better templating engine & command execution

  14. All rights reserved Product Roadmap Rudder 9.1 is scheduled for

    April 2026 • Improved traceability on all actions • Improved dashboard • Support for SLES 16

  15. All rights reserved Product Roadmap A Technique Marketplace is on

    its way! • Expect it for early of Q2 2026

  16. All rights reserved Want to test it? We have a

    repo with packages for most distros on https://repository.rudder.io • Getting started: https://docs.rudder.io/get-started/current/home.html • Community chat: chat.rudder.io

  17. Thank you! Any questions?