Category:

Chef InSpec


Chef Infra 101: The Road to Best Practices

In this blog post, you’ll take a look at some practices that can help you get a running start with your Chef automation and the principle of Policy as Code. It’s intended for any IT professional or Chef newcomer.

Read more

Chef Guide: Accelerate test-driven development with Chef Workstation and Test Kitchen

Whether you’re new to Chef or an old pro, Test Kitchen can be a boon to anyone looking to dive into test-driven automation practices and rapid code development.

Read more

A quick Chef way to detect and remediate PrintNightmare

A Microsoft publicly disclosed remote code execution zero-day vulnerability (CVE-2021-34527), now known as “PrintNightmare”, could allow attackers to run code, including malware or ransomware, and take full control of impacted vulnerable systems. Microsoft is urging Administrators to deploy the proper patches as quickly as possible or disable inbound remote printing until the patches can be applied.

Read more

Automating PCI-DSS Compliance with Chef

Any company that handles credit card data, especially in the United States, is subject to the Payment Card Industry Data Security Standard (PCI DSS), and already knows how difficult and time-consuming PCI audits can be.

Read more

Testing Windows DNS SIGRed Vulnerability with Chef InSpec

It’s not DNS. There’s no way it’s DNS. It was DNS. A system administrator’s haiku, many have uttered before. Today it rings true once again. CVE-2020-1350 is a vulnerability found in _all_ versions of Windows Server DNS back to 2003. Found by the folks at Checkpoint, this is a highly critical vulnerability.

Read more

Cyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance

On Friday, June 19th 2020, the Australian Prime Minister Scott Morrison called a snap press conference to reveal that the nation was under cyber-attack by a state-based actor.

Read more
Posted in:

Automating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec

I’m very privileged to work with a range of FSI organizations across Asia Pacific (APAC) as a Regional Solutions Architect at Chef. Customers in every vertical need help and assistance with continuously auditing their environments inline with industry standards, as well as those set by governments, and independent regulators.

Read more

Backstage Pass to ChefConf Online Chef InSpec Week

Hopefully you know that Chef InSpec is not only an excellent solution for your infrastructure security and compliance needs, but you can also use it to test your infrastructure as code. If you’re looking for some learned advice from experienced InSpec practitioners, we have some great sessions for you! Register for ChefConf Online at chefconf.

Read more
Posted in:

Chef InSpec Profile for Critical Salt Vulnerabilities

On April 30, 2020, two critical security vulnerabilities were identified with the SaltStack open source project (github.com/saltstack/salt). These vulnerabilities are critical and must be patched to avoid potential take over of your systems. This vulnerability has been assigned the highest severity rating, 10.

Read more

Chef for Compliance Announcement: Waivers Support

Today Chef announces compliance waiver support within Chef InSpec and Chef Automate. Using Chef for compliance provides a holistic solution for enterprises to achieve continuous compliance. Companies audit their various endpoints for compliance against CIS or DISA standards using Chef InSpec, while viewing the aggregate compliance state of their fleet in Chef Automate.

Read more

Join Automate for Good hackathon and be eligible to win $60000 in prizes
chefconf-banner
image_334

FOLLOW @CHEF

Chef InSpec