Chef is excited to announce that we have achieved official Center for Internet Security certification on the Amazon Web Services Foundations Benchmarks (level 1 & level 2). With this certification, Chef Software is the first CIS partner to be certified on all three cloud providers for which they publish security benchmarks: Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
The Center for Internet Security has long been a globally recognized authority on best practices and standards for securing IT systems and data. Initially, the controls and benchmarks published by CIS have focused on securing the operating systems and software most commonly used by enterprise IT organizations. In recent years, however, the drive to migrate workloads to cloud providers, and the shared responsibility model inherent to those platforms, has required organizations to reevaluate how to properly secure and audit these new environments.
Cloud platforms provide easy-to-use resources for configuring access control, data storage, virtual networking, and more, giving organizations the tools to scale their environments faster than ever before. With these new tools, however, must come new guidelines and best practices for securing them properly — a need made ever more apparent as stories of data breaches caused by improperly secured cloud resources have become alarmingly regular occurrences in recent years. The CIS benchmarks provide prescriptive implementation criteria for each cloud provider, created via a consensus review process of subject matter expert and with specific guidance based on the services they provide. With the InSpec profiles provided with Chef Automate, Chef customers can see whether their cloud implementations meet the requirements outlined within the benchmarks, and provides actionable insights wherever insecure configurations are found so that organizations can remediate any audit failures quickly and easily.