Category:
Chef InSpec
Supermarket.chef.io set to get an Infrastructure upgrade
Chef Supermarket, your gateway to finding the cookbooks best suited for your DevOps needs, is set to receive an upgrade to its infrastructure. In order to facilitate this upgrade, we will be migrating all content to new hardware. Early 2022 The outage will affect the Supermarket web application and all APIs that point to supermarket.chef.io. Supermarket is a very important content source for our community. We believe that this shift in the underlying infrastructure on which it is hosted is vital in ensuring we can serve you best in the long term.
Read moreChef Infra 101: The Road to Best Practices
In this blog post, you’ll take a look at some practices that can help you get a running start with your Chef automation and the principle of Policy as Code. It’s intended for any IT professional or Chef newcomer.
Read moreChef Guide: Accelerate test-driven development with Chef Workstation and Test Kitchen
By John Tonello
Whether you’re new to Chef or an old pro, Test Kitchen can be a boon to anyone looking to dive into test-driven automation practices and rapid code development.
Read moreA quick Chef way to detect and remediate PrintNightmare
A Microsoft publicly disclosed remote code execution zero-day vulnerability (CVE-2021-34527), now known as “PrintNightmare”, could allow attackers to run code, including malware or ransomware, and take full control of impacted vulnerable systems. Microsoft is urging Administrators to deploy the proper patches as quickly as possible or disable inbound remote printing until the patches can be applied.
Read moreAutomating PCI-DSS Compliance with Chef
Any company that handles credit card data, especially in the United States, is subject to the Payment Card Industry Data Security Standard (PCI DSS), and already knows how difficult and time-consuming PCI audits can be.
Read moreTesting Windows DNS SIGRed Vulnerability with Chef InSpec
It’s not DNS. There’s no way it’s DNS. It was DNS. A system administrator’s haiku, many have uttered before. Today it rings true once again. CVE-2020-1350 is a vulnerability found in _all_ versions of Windows Server DNS back to 2003. Found by the folks at Checkpoint, this is a highly critical vulnerability.
Read moreCyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance
By Anthony Rees
On Friday, June 19th 2020, the Australian Prime Minister Scott Morrison called a snap press conference to reveal that the nation was under cyber-attack by a state-based actor.
Read moreAutomating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec
By Anthony Rees
I’m very privileged to work with a range of FSI organizations across Asia Pacific (APAC) as a Regional Solutions Architect at Chef. Customers in every vertical need help and assistance with continuously auditing their environments inline with industry standards, as well as those set by governments, and independent regulators.
Read moreBackstage Pass to ChefConf Online Chef InSpec Week
By Mandi Walls
Hopefully you know that Chef InSpec is not only an excellent solution for your infrastructure security and compliance needs, but you can also use it to test your infrastructure as code. If you’re looking for some learned advice from experienced InSpec practitioners, we have some great sessions for you! Register for ChefConf Online at chefconf.
Read moreChef InSpec Profile for Critical Salt Vulnerabilities
By Galen Emery
On April 30, 2020, two critical security vulnerabilities were identified with the SaltStack open source project (github.com/saltstack/salt). These vulnerabilities are critical and must be patched to avoid potential take over of your systems. This vulnerability has been assigned the highest severity rating, 10.
Read more