In an era of rapidly developing threats and continually evolving compliance frameworks, we need to be able to react quickly. The most successful organizations pursue continuous automation in three stages: detect, correct, and automate.
In a recent webinar, Mark Rambow, a Software Development Manager with Amazon Web Services and I demonstrated how to implement this three step process with AWS OpsWorks for Chef Automate. You can watch a recording of the webinar below.
Detect: Assess the state of your infrastructure to be able to identify missing patches or mis-configuration. This turns unknowns into knows that can be schedule accordingly. Chef Automate has built-in profile for CIS and DevSec benchmarks. Those enable you to see how well your infrastructure is doing.
Correct: Once the issues have been identified, we automate the correct solution via cookbooks.
Automate: By combining compliance automation with infrastructure automation, everything can be tested and verified before its put into production. Once it is tested, Chef Automate makes scaling beyond one node very easy.
In the webinar we walked through the following steps:
- Setup AWS Opsworks for Chef Automate
- Detect compliance issues on an existing AWS node and report to Chef Automate
- Correct the setup with Chef cookbooks
- Scale compliance reporting and server hardening in combination with AWS auto-scaling
- Use custom InSpec profile to automate your in-house compliance requirements
Get hands-on and learn more
- Get stared with AWS OpsWorks for Chef Automate
- Check out our in-depth tutorial for implementing compliance with Chef Automate in your AWS environment
- Register for our day-long workshop, Continuous Compliance on AWS with Chef Automate, at ChefConf 2018
- In this Learn Chef Rally track, you’ll get a hang for the Chef basics, manage your first node, test Chef cookbooks on temporary cloud instances, and deploy changes to a production-like environment, all on AWS
- Want a taste of InSpec right away? Our preconfigured, ready-to-go environments will help you explore how it works in minutes
- Check out our Compliance Automation white paper and discover how to bridge the gap between Development and Information Security