Category:
compliance
Manage Secrets with Chef and HashiCorps Vault
By JJ Asghar
On November 22, 2016, I presented a webinar with Seth Vargo on managing secrets with Chef and HashiCorp’s Vault. Our very large and highly engaged audience came prepared with great questions. We started off talking about generic secrets, and why you should start rotating them.
Read moreAssess and remediate your Windows Servers with Chef
By Joe Gardiner
I’m pleased to announce two new Chef assets that enable you to assess and remediate your Windows 2012 R2 Servers using the compliance feature of Chef Automate. They are both basic, initial examples, but demonstrate how you can use a compliance profile in conjunction with a cookbook to apply best practice server hardening.
Read moreInSpec Language Support in Atom and VS Code
During the webinar “Better Tools for a Better Life” I stressed the importance of code snippets to increase your efficiency. I found that two of the editors I used during the presentation, and in my every day practice, were lacking support for InSpec.
Read moreThe Audit Cookbook: A How-To
The audit cookbook is a tool used to run InSpec tests and send the results to chef-compliance (either directly or via chef-server) or to chef-visibility in an automated way. We recently took on an overhaul of the audit cookbook to rewrite the content using chef handlers.
Read more“Shift Left” Security and Compliance Automation with InSpec and Chef
By Ken Cheney
Velocity needs control to be successful. As DevOps delivers high-velocity, high-performing digital transformation for business, there is increased focus on the need for security and compliance capabilities to match. Balancing these two seemingly contradictory demands – velocity and control – is difficult. We’re excited that our launch of InSpec 1.
Read moreAnnouncing InSpec 1.0 – Compliance as Code
One year ago, we released InSpec, an open-source project for infrastructure and test automation that helps companies incorporate compliance into their deployment pipelines. Today, after 70 releases, and with a great development community to support us, we are proud to announce InSpec 1.0 and the launch of inspec.io.
Read moreSpeed AND Safety: No Longer at Odds
By Lucas Welch
Today in IT, the need to maintain security and governance is often at odds with the imperative to move quickly. At this year’s ChefConf, compliance and security were topics of much discussion among presenters and attendees alike.
Read moreChef at Bank Hapoalim
Bank Hapoalim is Israel’s largest bank and was named by The Banker magazine as Bank of the Year in Israel for 2015. The bank’s Unix and Linux team has been using Chef for only about five months and they have made enormous progress automating their infrastructure in a highly secure environment.
Read moreSecure Your Enterprise By Treating Compliance as Code
By Lucas Welch
Regulatory compliance and security concerns are facts of life for every enterprise. Businesses are facing increased scrutiny in a world where data breaches and security hacks happen every other day. Companies need to be agile in order to respond to attacks, but the average business takes 256 days to find compromises!
Read moreChefConf Session Spotlight – Chef & Compliance: DevOps gateway for the Health Care Enterprise
By Jamie Bright
Continuing our series of ChefConf Session Spotlights, I’m pleased to introduce Odie Routh. Odie is a member of a Lean Engineering team at Optum, a health care technology company. He works remotely from Vermont, and focuses on promoting DevOps practices by collaborating across as many departments and disciplines throughout the enterprise as he can.
Read more