Building on Chef’s long history of innovation in compliance automation, Chef Compliance, available today, builds on Chef InSpec to help enterprises maintain compliance and prevent security incidents across heterogeneous hybrid and multi-cloud estates while improving speed and efficiency. Standards-based audit and remediation content, easily-tuned baselines, and comprehensive visibility and control make it easy to maintain and enforce compliance across the enterprise.
New offerings include:
- Chef Compliance Audit: Designed specifically for information security and SecOps teams who wish to maintain complete visibility over the compliance status of their estate. It provides extensive audit content based on the Center for Internet Security (CIS) and DISA (Defense Information Systems Agency) standards that can be easily tuned to meet specific needs.
- Chef Compliance Remediation: Designed specifically for Infrastructure and Operations teams to help close the loop between audit and remediation and enable continuous compliance in the enterprise. New remediation functionality and trusted, standards-based content makes it easy to remediate issues uncovered during audits without writing code.
Chef Compliance features integrated capabilities across all five stages of the compliance lifecycle:
- Acquire: Access CIS certified and Chef-hardened and curated content aligned to industry benchmarks for audit and remediation. With newly available remediation content, organizations can ensure remediation actions align directly to audit results.
- Define: Chef now makes it easy to define compliance baselines and tune them to the organization’s unique needs. Flexible compliance waiver capabilities allow teams to turn on or off individual controls in order to avoid false positives and misconfigurations.
- Detect: Continuously monitor and evaluate compliance posture by detecting deviations from intended state at any point in the software delivery lifecycle.
- Remediate: Remediate non-compliance with newly available remediation capabilities that efficiently address individual controls in alignment with audit tests, encoding those fixes to enable continuous compliance.
- Report: Maintain comprehensive and up-to-date visibility across heterogeneous estates, easily view differences between baseline and remediated states, and track waiver status to enable fast and accurate audits any time.
Chef Compliance Use Cases
Chef Compliance helps enterprises maintain compliance and prevent security incidents across heterogeneous estates while improving speed and efficiency.
Chef Compliance makes it easier than ever to maintain and enforce compliance across the enterprise, with standards-based audit and remediation content, easily tuned baselines to adapt to the organization’s needs, and visibility and control across hybrid and multi-cloud environments.
Among customer use cases for Chef Compliance we see the following:
- Audit for Security – Continuous security assessment and easily customize and update the testing as new vulnerabilities are published.
- Audit for Compliance – Continuous compliance checks against CIS benchmarks or DISA standards in order to maintain continuous compliance.
- Continuous Compliance – Monitor and remediate any deviations to compliance posture across environments continuously.
- Compliance Flexibility – Leverage predefined benchmarks or fine-tune compliance profiles to address organizational specific requirements.
- Government Compliance – Predefined DISA STIG and CIS benchmark profiles help accelerate the Authority-To-Operate (ATO) in highly regulated federal organizations.
- Quicker Time-to-Value – Understand compliance posture to mitigate non-compliant controls faster without code.
What next?
Visit Chef Compliance Product page to learn more about this solution.
Register for our webinar: Introducing Chef Compliance.