Category:
Chef InSpec
Automating PCI-DSS Compliance with Chef
Any company that handles credit card data, especially in the United States, is subject to the Payment Card Industry Data Security Standard (PCI DSS), and already knows how difficult and time-consuming PCI audits can be.
Read moreTesting Windows DNS SIGRed Vulnerability with Chef InSpec
It’s not DNS. There’s no way it’s DNS. It was DNS. A system administrator’s haiku, many have uttered before. Today it rings true once again. CVE-2020-1350 is a vulnerability found in _all_ versions of Windows Server DNS back to 2003. Found by the folks at Checkpoint, this is a highly critical vulnerability.
Read moreCyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance
By Anthony Rees
On Friday, June 19th 2020, the Australian Prime Minister Scott Morrison called a snap press conference to reveal that the nation was under cyber-attack by a state-based actor.
Read moreAutomating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec
By Anthony Rees
I’m very privileged to work with a range of FSI organizations across Asia Pacific (APAC) as a Regional Solutions Architect at Chef. Customers in every vertical need help and assistance with continuously auditing their environments inline with industry standards, as well as those set by governments, and independent regulators.
Read moreBackstage Pass to ChefConf Online Chef InSpec Week
By Mandi Walls
Hopefully you know that Chef InSpec is not only an excellent solution for your infrastructure security and compliance needs, but you can also use it to test your infrastructure as code. If you’re looking for some learned advice from experienced InSpec practitioners, we have some great sessions for you! Register for ChefConf Online at chefconf.
Read moreChef InSpec Profile for Critical Salt Vulnerabilities
By Galen Emery
On April 30, 2020, two critical security vulnerabilities were identified with the SaltStack open source project (github.com/saltstack/salt). These vulnerabilities are critical and must be patched to avoid potential take over of your systems. This vulnerability has been assigned the highest severity rating, 10.
Read moreChef for Compliance Announcement: Waivers Support
Today Chef announces compliance waiver support within Chef InSpec and Chef Automate. Using Chef for compliance provides a holistic solution for enterprises to achieve continuous compliance. Companies audit their various endpoints for compliance against CIS or DISA standards using Chef InSpec, while viewing the aggregate compliance state of their fleet in Chef Automate.
Read moreAn Award-Winning Way to Start 2020
By Matt Lyman
Chef Rings in 2020 with Multiple Industry Award Wins for Chef EAS and Chef InSpec Chef is kicking off 2020 on a high note announcing five new industry awards signifying our ongoing recognition from the industry as the DevOps leader.
Read morePreparing for April End of Support Dates
By Nick Rycar
This coming April will mark one year since the introduction of the Chef Enterprise Automation Stack. As part of this release, we announced that all of our products are now open source under the Apache 2 license and that Chef’s tested, enterprise-ready software distributions (binaries) are subject commercial license terms going forward.
Read moreChef InSpec recognized for Compliance Automation Tools in Gartner Report
We believe Gartner provides very useful guidance for organizations struggling with balancing the need to deliver products and services to market faster while having to deal with regulations and compliance requirements that may overburden their teams.
Read more