Category:
compliance
Compliance automation: Bridging the gap between development & information security
Speed is nothing without control DevOps makes software deployment faster. But without proper controls, that may mean that developers are also releasing security vulnerabilities more quickly. The fast pace of innovation will not be slowing down and the pressure to deliver rapidly keeps increasing.
Read moreInSpec launches support for cloud platform assessments
InSpec Cloud Modules We are proud to announce the release of three new open-source incubation projects to the InSpec community: inspec-aws, inspec-azure, and inspec-vmware. With these projects, InSpec extends its reach into these widely used platforms. You can now use InSpec for cloud native security and integration testing.
Read moreAchieving Windows Compliance with InSpec
This blog post is a follow-up on our Windows Compliance with InSpec webinar by Joe Gardiner, Senior Solutions Architect and Christoph Hartmann, InSpec Creator that was presented live on April 11, 2017. In that webinar, we describe what Continuous Compliance is and we cover assessment with InSpec and remediation with Chef.
Read moreContainer Compliance and Security: Beyond Vulnerabilities
By Michael Ducy
One trend as you look at the container market is stronger emphasis on the security of containers. Most of this emphasis is in regards to shipping software with known vulnerabilities in your container images, such as software that’s distributed as part of your Operating System.
Read moreAdding compliance assurance into DevOps practices to ship software faster with less risk
By Marc Holmes
Software-based services — apps! — are now the primary way a company connects with customers. A company’s best chance in competing for a larger piece of the market is by shipping software faster. Teams need to continuously deliver infrastructure to run applications, regardless of location or computing environment.
Read moreDocker Container Compliance with InSpec
By Adam Leff
Thanks to its speed and approachability, Docker has done a great deal to make containers popular. Need a quick Redis server? docker run redis and boom, you’ve got a Redis server. However, compared to traditional hosts and virtual machines, containers are considerably more difficult to reason about.
Read moreQuantifying DevOps Outcomes: Managing Risk
Last week, we held our second webinar in a four part series focused on digital transformation. In that session, we focused on why mitigating risk is essential to increasing speed. In case you missed it, you can watch a recording of the second episode, “Managing Risk” below.
Read moreContinuous Compliance with InSpec: Bay Area Chef Meetup at Wealthfront
Last month, I spoke at the The Bay Area Chef Meetup, hosted by long time #ChefFriends, Wealthfront. They shared their Chef development process beginning with local dev, using Test Kitchen, all the way through their automated testing pipeline. There were also a lot of great discussions about test driven development practices.
Read moreChef Survey 2017: Results
We’re happy to announce that the Chef Survey 2017 results are in. Many thanks to everyone who participated and made their voice heard. Our survey focused on gaining a better understanding of the trends in productivity, workforce roles, and technology adoption amongst Chef users in our community. In the first few weeks of January we received over 1500 responses.
Read moreChef Automate’s New Release Cadence
Over the last year, we’ve adopted a monthly release cadence for chef-client and chefdk. That regular cadence has served us well, allowing users to predictably plan for and schedule upgrades. Today, we’re pleased to announce that Chef Automate will follow suit and also adopt a monthly release cadence.
Read more