Adam Leff

Former Chef Employee

2017 InSpec Year in Review

2017 has been an incredible year for InSpec; the community continues to grow and the project continues to evolve in amazing ways. As the year winds down, I’d like to take a few minutes to reflect on our collective accomplishments.

Read more

Everyday Compliance with InSpec

As National Cyber Security Awareness Month comes to a close, it’s a great opportunity for all of us to make security and compliance part of our daily routine. I know, I know…no one thinks about “compliance” and gets excited. However, taking advantage of tools like InSpec can help us conquer everyday compliance with ease.

Read more

Guest Blog Post: Ensuring Agent Compliance with Chef Automate

Besides helping ensure compliance with regulatory standards, InSpec is a great solution for detecting compliance with your organization’s own rules and expectations. Our friends at Jack Henry & Associates Inc. recently detected and corrected an issue in their environment thanks to the power of InSpec and Chef Automate.

Read more

Understanding InSpec Profile Inheritance

Engineers sometimes use the phrase DRY – Don’t Repeat Yourself. It’s commonly used when writing or reviewing code that is repetitive. The usual solution is to take the repetitious code and turn it into something that can be reused. It’s really easy to fall into the “repeat yourself” trap, even with a tool like InSpec.

Read more

Awesome Community Chefs – 2017 Award Winners

Everyone who participates in the Chef Community does exceptional things on a regular basis. This work is worthy of celebration and stands as a testament to the way our community comes together to ensure all members are successful, together.

Read more

Detecting the WannaCry Exploit with InSpec

As you may have read about in the news, an exploit called “WannaCry” has been circulating and infecting Windows systems across the globe. The “WannaCry” exploit is a particularly nasty type of exploit called “ransomware”; once installed, the malware encrypts your files and holds them hostage until you pay hundreds of dollars in ransom fees.

Read more
Posted in:

InSpec, Habitat, and Continuous Compliance

In my last post, I talked about some of the benefits of containers, how containers can complicate compliance requirements, and how InSpec can help. InSpec provides a human-readable infrastructure and compliance testing language that allows you to scan your hosts, VMs, and containers to ensure your fleet’s compliance. But let’s take this one step further.

Read more

Docker Container Compliance with InSpec

Thanks to its speed and approachability, Docker has done a great deal to make containers popular. Need a quick Redis server? docker run redis and boom, you’ve got a Redis server. However, compared to traditional hosts and virtual machines, containers are considerably more difficult to reason about.

Read more

Using Chef with VMware vRealize Orchestrator

Recently, VMware announced the general availability of their VMware vRealize Orchestrator (vRO) plugin for Chef (formerly vCenter Orchestrator). This plugin offers a number of vRO workflows for interacting with the Chef Server (such as modifying nodes and environments) and bootstrapping new nodes with support for both Linux and Windows nodes.

Read more

Managing Red Hat Subscriptions with Chef

Keeping your Red Hat systems patched is critical, and registering your nodes with Red Hat Subscription Manager (RHSM) or a Red Hat Satellite is the first step. Frequently, users will handle the registration manually or bake it in to their nodes with a one-time startup script.

Read more