Category:

compliance


Chef Survey 2017: Results

We’re happy to announce that the Chef Survey 2017 results are in. Many thanks to everyone who participated and made their voice heard. Our survey focused on gaining a better understanding of the trends in productivity, workforce roles, and technology adoption amongst Chef users in our community. In the first few weeks of January we received over 1500 responses.

Read more

Chef Automate’s New Release Cadence

Over the last year, we’ve adopted a monthly release cadence for chef-client and chefdk. That regular cadence has served us well, allowing users to predictably plan for and schedule upgrades. Today, we’re pleased to announce that Chef Automate will follow suit and also adopt a monthly release cadence.

Read more

Set up a Patch Management System Using Chef Automate

How does Chef handle patch management? The short answer is: it depends. For some organizations, patch management is simply a matter of running vendor-recommended updates on a fairly regular interval, while having the flexibility to install on-demand updates as vulnerabilities like 0-days require.

Read more

Automating compliance for financial services

We’ve been talking about the importance of incorporating compliance into your development workflow for a while now. With Chef Automate, we’ve delivered an enterprise-grade solution for turning compliance policy into code.

Read more

Manage Secrets with Chef and HashiCorps Vault

On November 22, 2016, I presented a webinar with Seth Vargo on managing secrets with Chef and HashiCorp’s Vault. Our very large and highly engaged audience came prepared with great questions. We started off talking about generic secrets, and why you should start rotating them.

Read more

Assess and remediate your Windows Servers with Chef

I’m pleased to announce two new Chef assets that enable you to assess and remediate your Windows 2012 R2 Servers using the compliance feature of Chef Automate. They are both basic, initial examples, but demonstrate how you can use a compliance profile in conjunction with a cookbook to apply best practice server hardening.

Read more

InSpec Language Support in Atom and VS Code

During the webinar “Better Tools for a Better Life” I stressed the importance of code snippets to increase your efficiency. I found that two of the editors I used during the presentation, and in my every day practice, were lacking support for InSpec.

Read more

The Audit Cookbook: A How-To

The audit cookbook is a tool used to run InSpec tests and send the results to chef-compliance (either directly or via chef-server) or to chef-visibility in an automated way. We recently took on an overhaul of the audit cookbook to rewrite the content using chef handlers.

Read more

“Shift Left” Security and Compliance Automation with InSpec and Chef

Velocity needs control to be successful. As DevOps delivers high-velocity, high-performing digital transformation for business, there is increased focus on the need for security and compliance capabilities to match. Balancing these two seemingly contradictory demands – velocity and control – is difficult. We’re excited that our launch of InSpec 1.

Read more

Announcing InSpec 1.0 – Compliance as Code

One year ago, we released InSpec, an open-source project for infrastructure and test automation that helps companies incorporate compliance into their deployment pipelines. Today, after 70 releases, and with a great development community to support us, we are proud to announce InSpec 1.0 and the launch of inspec.io.

Read more

chefconf-banner
image_334

FOLLOW @CHEF

compliance