Category:
Chef InSpec
Automate Compliance with AWS OpsWorks for Chef Automate
In an era of rapidly developing threats and continually evolving compliance frameworks, we need to be able to react quickly. The most successful organizations pursue continuous automation in three stages: detect, correct, and automate.
Read moreInSpec 2.0 Cloud Resources Mini-Tutorial
By Julian Dunn
InSpec 2 introduces the ability to test cloud resources for compliance in addition to the system and application-level resources that previously appeared in InSpec 1. In this tutorial, we’ll use InSpec to write a very simple control to check attributes on a virtual machine in Amazon Web Services (AWS).
Read moreAnnouncing InSpec 2.0
By Julian Dunn
We are delighted to announce the availability of InSpec 2.0, the newest version of Chef’s open-source project for compliance automation. InSpec helps you express security and compliance requirements as code and incorporate it directly into the delivery process, eliminating ambiguity and manual processes to help you ship faster while remaining secure.
Read moreChef Automate Release – February 2018
Last week Chef announced the February release of Chef Automate. This marks the GA release of the compliance scanner with job scheduling, and adds features to make analysis easier, such as date-range search.
Read moreSuccessfully Migrate to the Cloud with Chef and AWS
By Nick Rycar
By providing organizations with the ability to launch and scale environments on-demand, the cloud has changed how we develop applications and deploy infrastructure, allowing us to iterate faster than previously imaginable. It’s no surprise, then, that cloud migrations have become a hot topic in our industry.
Read moreSupporting your Journey to Continuous Automation on Learn Chef Rally
Most successful organizations pursue continuous automation in three stages: detect, correct, and automate. Our very own Nick Rycar recently covered this framework at length in both a blog post and webinar. In case you missed it, adopting the DCA frameworks means: Detecting where your systems deviate from your standards.
Read more2018 Compliance Survey Results: Compliance Lays Path to Agility for Software Delivery with ‘Detect, Correct, Automate’ Approach
By Julian Dunn
Last year, we conducted a survey of more than 1,500 Chef customers to help us better understand their most pressing issues related to automation: productivity, roles and technology adoption. As we’ve noted in the past, the highest-performing software organizations are able to outperform their peers in each of three key areas, and associated metrics.
Read moreApplying Compliance on Azure Government with InSpec
By Galen Emery
In government, compliance and security are a critical component of our job function. The current state of compliance frameworks are bulky and unwieldy for those inexperienced with OpenSCAP/XML. Microsoft Azure Government cloud and InSpec are designed to provide a common language for security, compliance, and automation teams to converge around.
Read moreChef Open Source Community News – January 2018
By Julian Dunn
Chef has always been built atop a very strong open-source community. However, we’ve heard from many of you that it’s hard to find news about new features being developed in our open-source projects.
Read moreDetect Spectre and Meltdown Vulnerabilities with InSpec
By Julian Dunn
Earlier this month, Google Project Zero announced several security vulnerabilities in many modern processors, commonly referred to by the names Spectre and Meltdown. These vulnerabilities arise from the exploitation of performance optimizations in modern CPUs, features known as branch prediction and speculative execution.
Read more