Last week Chef announced Chef Automate 1.7, a notable release that integrates remote compliance scanning capabilities into Chef Automate. Now, organizations can add nodes and execute ad hoc remote compliance scans from Chef Automate without the need for an agent to be deployed on the node. This allows for much greater flexibility in how teams scan for compliance, and makes it easier to gain a complete view of the estate. (Chef’s Megan Gleason provides a cook’s tour of what’s new in this release notes document.)
Every organization has a need to perform compliance scans across production environments. With security breaches a worryingly common occurrence, and adherence to regulations and standards – such as PCI, HIPAA, and GDPR – a necessity, it’s more important than ever to maintain broad visibility of compliance status and be able to prove that proper steps are taken to remain compliant. Chef Automate provides a single platform to detect compliance issues, correct those issues, and automate adherence to policies going forward.
With compliance scanning integrated in Chef Automate, maintaining and proving compliance gets a whole lot easier. In some cases, deploying an agent on a node is not feasible or not preferred. Remote scans offer visibility across these nodes, as well as a broader range of endpoints and devices. Because any environment is only as secure or compliant as its weakest link, this visibility can make all the difference for an organization.
At Chef, we’ve worked with thousands of organizations to help them achieve continuous automation. A critical first step is to detect current status against industry benchmarks and organizational standards. Getting that visibility in place helps prioritize what to correct, how to correct it, and how best to implement automation going forward. Even those who have gone down the automation path benefit from gaining that complete view. With this release of Chef Automate, remote compliance scanning enables teams to gain that view quickly, regardless of the tool or tools they have in place today for infrastructure automation and configuration management.
In addition to remote, agentless scanning, the October release includes several new features and resolves issues to make the experience with the product even better. New features improve data handling and help reduce the storage burden. Chef Automate now provides statistics on Chef client run records and compliance scan records, as well as how much storage is being consumed. Users can now run manual Reaper jobs to remove data, and legacy compliance views have been removed, with historical and new compliance data now stored in new indices.
The compliance scanning capabilities in Chef Automate are in open beta today, available to all customers. Compliance scanning provides value right away, offering a complete view of status against benchmarks and baselines. In this Learn Chef module, you can take Chef Automate for a test drive and get it running in three simple steps.
For more details on Chef Automate 1.7, be sure to take a look at our release announcement.