Category:
compliance
InSpec 2.0 Cloud Resources Mini-Tutorial
By Julian Dunn
InSpec 2 introduces the ability to test cloud resources for compliance in addition to the system and application-level resources that previously appeared in InSpec 1. In this tutorial, we’ll use InSpec to write a very simple control to check attributes on a virtual machine in Amazon Web Services (AWS).
Read moreAnnouncing InSpec 2.0
By Julian Dunn
We are delighted to announce the availability of InSpec 2.0, the newest version of Chef’s open-source project for compliance automation. InSpec helps you express security and compliance requirements as code and incorporate it directly into the delivery process, eliminating ambiguity and manual processes to help you ship faster while remaining secure.
Read moreChef Automate Release – February 2018
Last week Chef announced the February release of Chef Automate. This marks the GA release of the compliance scanner with job scheduling, and adds features to make analysis easier, such as date-range search.
Read moreSuccessfully Migrate to the Cloud with Chef and AWS
By Nick Rycar
By providing organizations with the ability to launch and scale environments on-demand, the cloud has changed how we develop applications and deploy infrastructure, allowing us to iterate faster than previously imaginable. It’s no surprise, then, that cloud migrations have become a hot topic in our industry.
Read moreSupporting your Journey to Continuous Automation on Learn Chef Rally
Most successful organizations pursue continuous automation in three stages: detect, correct, and automate. Our very own Nick Rycar recently covered this framework at length in both a blog post and webinar. In case you missed it, adopting the DCA frameworks means: Detecting where your systems deviate from your standards.
Read moreFrom scripting languages to automated developer landscapes at SAP
SAP, the market leader in enterprise application software that helps companies of all sizes and industries run better, has reshaped their processes to enable the speed developers need. Over the last two years SAP adopted Chef to automate their on demand deployment of their developer landscapes.
Read more2018 Compliance Survey Results: Compliance Lays Path to Agility for Software Delivery with ‘Detect, Correct, Automate’ Approach
By Julian Dunn
Last year, we conducted a survey of more than 1,500 Chef customers to help us better understand their most pressing issues related to automation: productivity, roles and technology adoption. As we’ve noted in the past, the highest-performing software organizations are able to outperform their peers in each of three key areas, and associated metrics.
Read moreApplying Compliance on Azure Government with InSpec
By Galen Emery
In government, compliance and security are a critical component of our job function. The current state of compliance frameworks are bulky and unwieldy for those inexperienced with OpenSCAP/XML. Microsoft Azure Government cloud and InSpec are designed to provide a common language for security, compliance, and automation teams to converge around.
Read moreDetect Spectre and Meltdown Vulnerabilities with InSpec
By Julian Dunn
Earlier this month, Google Project Zero announced several security vulnerabilities in many modern processors, commonly referred to by the names Spectre and Meltdown. These vulnerabilities arise from the exploitation of performance optimizations in modern CPUs, features known as branch prediction and speculative execution.
Read moreImprovements for Windows and InSpec
By Jared Quick
We are proud to announce some major improvements recently implemented in InSpec. Jerry Aldrich and I, two members of Chef’s InSpec Engineering team, have added two features which considerably improve performance when used with the Windows platform. Backend Caching Improvements First, we have added backend caching for commands.
Read more