Category:

Chef InSpec


Supermarket.chef.io set to get an Infrastructure upgrade

Chef Supermarket, your gateway to finding the cookbooks best suited for your DevOps needs, is set to receive an upgrade to its infrastructure. In order to facilitate this upgrade, we will be migrating all content to new hardware. December 1st, 2021 – 4 AM PST - 9 AM PST The outage will affect the Supermarket web application and all APIs that point to supermarket.chef.io. Supermarket is a very important content source for our community. We believe that this shift in the underlying infrastructure on which it is hosted is vital in ensuring we can serve you best in the long term.

Read more

Chef Infra 101: The Road to Best Practices

In this blog post, you’ll take a look at some practices that can help you get a running start with your Chef automation and the principle of Policy as Code. It’s intended for any IT professional or Chef newcomer.

Read more

Chef Guide: Accelerate test-driven development with Chef Workstation and Test Kitchen

Whether you’re new to Chef or an old pro, Test Kitchen can be a boon to anyone looking to dive into test-driven automation practices and rapid code development.

Read more

A quick Chef way to detect and remediate PrintNightmare

A Microsoft publicly disclosed remote code execution zero-day vulnerability (CVE-2021-34527), now known as “PrintNightmare”, could allow attackers to run code, including malware or ransomware, and take full control of impacted vulnerable systems. Microsoft is urging Administrators to deploy the proper patches as quickly as possible or disable inbound remote printing until the patches can be applied.

Read more

Automating PCI-DSS Compliance with Chef

Any company that handles credit card data, especially in the United States, is subject to the Payment Card Industry Data Security Standard (PCI DSS), and already knows how difficult and time-consuming PCI audits can be.

Read more

Testing Windows DNS SIGRed Vulnerability with Chef InSpec

It’s not DNS. There’s no way it’s DNS. It was DNS. A system administrator’s haiku, many have uttered before. Today it rings true once again. CVE-2020-1350 is a vulnerability found in _all_ versions of Windows Server DNS back to 2003. Found by the folks at Checkpoint, this is a highly critical vulnerability.

Read more

Cyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance

On Friday, June 19th 2020, the Australian Prime Minister Scott Morrison called a snap press conference to reveal that the nation was under cyber-attack by a state-based actor.

Read more
Posted in:

Automating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec

I’m very privileged to work with a range of FSI organizations across Asia Pacific (APAC) as a Regional Solutions Architect at Chef. Customers in every vertical need help and assistance with continuously auditing their environments inline with industry standards, as well as those set by governments, and independent regulators.

Read more

Backstage Pass to ChefConf Online Chef InSpec Week

Hopefully you know that Chef InSpec is not only an excellent solution for your infrastructure security and compliance needs, but you can also use it to test your infrastructure as code. If you’re looking for some learned advice from experienced InSpec practitioners, we have some great sessions for you! Register for ChefConf Online at chefconf.

Read more
Posted in:

Chef InSpec Profile for Critical Salt Vulnerabilities

On April 30, 2020, two critical security vulnerabilities were identified with the SaltStack open source project (github.com/saltstack/salt). These vulnerabilities are critical and must be patched to avoid potential take over of your systems. This vulnerability has been assigned the highest severity rating, 10.

Read more

Join Automate for Good hackathon and be eligible to win $60000 in prizes
chefconf-banner
image_334

FOLLOW @CHEF

Chef InSpec