Category:

compliance


Container Compliance and Security: Beyond Vulnerabilities

One trend as you look at the container market is stronger emphasis on the security of containers. Most of this emphasis is in regards to shipping software with known vulnerabilities in your container images, such as software that’s distributed as part of your Operating System.

Read more

Adding compliance assurance into DevOps practices to ship software faster with less risk

Software-based services — apps! — are now the primary way a company connects with customers. A company’s best chance in competing for a larger piece of the market is by shipping software faster. Teams need to continuously deliver infrastructure to run applications, regardless of location or computing environment.

Read more

Docker Container Compliance with InSpec

Thanks to its speed and approachability, Docker has done a great deal to make containers popular. Need a quick Redis server? docker run redis and boom, you’ve got a Redis server. However, compared to traditional hosts and virtual machines, containers are considerably more difficult to reason about.

Read more

Quantifying DevOps Outcomes: Managing Risk

Last week, we held our second webinar in a four part series focused on digital transformation. In that session, we focused on why mitigating risk is essential to increasing speed. In case you missed it, you can watch a recording of the second episode, “Managing Risk” below.

Read more

Continuous Compliance with InSpec: Bay Area Chef Meetup at Wealthfront

Last month, I spoke at the The Bay Area Chef Meetup, hosted by long time #ChefFriends, Wealthfront. They shared their Chef development process beginning with local dev, using Test Kitchen, all the way through their automated testing pipeline. There were also a lot of great discussions about test driven development practices.

Read more

Chef Survey 2017: Results

We’re happy to announce that the Chef Survey 2017 results are in. Many thanks to everyone who participated and made their voice heard. Our survey focused on gaining a better understanding of the trends in productivity, workforce roles, and technology adoption amongst Chef users in our community. In the first few weeks of January we received over 1500 responses.

Read more

Chef Automate’s New Release Cadence

Over the last year, we’ve adopted a monthly release cadence for chef-client and chefdk. That regular cadence has served us well, allowing users to predictably plan for and schedule upgrades. Today, we’re pleased to announce that Chef Automate will follow suit and also adopt a monthly release cadence.

Read more

Set up a Patch Management System Using Chef Automate

How does Chef handle patch management? The short answer is: it depends. For some organizations, patch management is simply a matter of running vendor-recommended updates on a fairly regular interval, while having the flexibility to install on-demand updates as vulnerabilities like 0-days require.

Read more

Automating compliance for financial services

We’ve been talking about the importance of incorporating compliance into your development workflow for a while now. With Chef Automate, we’ve delivered an enterprise-grade solution for turning compliance policy into code.

Read more

Manage Secrets with Chef and HashiCorps Vault

On November 22, 2016, I presented a webinar with Seth Vargo on managing secrets with Chef and HashiCorp’s Vault. Our very large and highly engaged audience came prepared with great questions. We started off talking about generic secrets, and why you should start rotating them.

Read more

Chefconf September 12-13 2022
image_334

FOLLOW @CHEF

compliance