Category:
compliance
Set up a Patch Management System Using Chef Automate
By Nick Rycar
How does Chef handle patch management? The short answer is: it depends. For some organizations, patch management is simply a matter of running vendor-recommended updates on a fairly regular interval, while having the flexibility to install on-demand updates as vulnerabilities like 0-days require.
Read moreAutomating compliance for financial services
By Lucas Welch
We’ve been talking about the importance of incorporating compliance into your development workflow for a while now. With Chef Automate, we’ve delivered an enterprise-grade solution for turning compliance policy into code.
Read moreManage Secrets with Chef and HashiCorps Vault
By JJ Asghar
On November 22, 2016, I presented a webinar with Seth Vargo on managing secrets with Chef and HashiCorp’s Vault. Our very large and highly engaged audience came prepared with great questions. We started off talking about generic secrets, and why you should start rotating them.
Read moreAssess and remediate your Windows Servers with Chef
By Joe Gardiner
I’m pleased to announce two new Chef assets that enable you to assess and remediate your Windows 2012 R2 Servers using the compliance feature of Chef Automate. They are both basic, initial examples, but demonstrate how you can use a compliance profile in conjunction with a cookbook to apply best practice server hardening.
Read moreInSpec Language Support in Atom and VS Code
During the webinar “Better Tools for a Better Life” I stressed the importance of code snippets to increase your efficiency. I found that two of the editors I used during the presentation, and in my every day practice, were lacking support for InSpec.
Read moreThe Audit Cookbook: A How-To
The audit cookbook is a tool used to run InSpec tests and send the results to chef-compliance (either directly or via chef-server) or to chef-visibility in an automated way. We recently took on an overhaul of the audit cookbook to rewrite the content using chef handlers.
Read more“Shift Left” Security and Compliance Automation with InSpec and Chef
By Ken Cheney
Velocity needs control to be successful. As DevOps delivers high-velocity, high-performing digital transformation for business, there is increased focus on the need for security and compliance capabilities to match. Balancing these two seemingly contradictory demands – velocity and control – is difficult. We’re excited that our launch of InSpec 1.
Read moreAnnouncing InSpec 1.0 – Compliance as Code
One year ago, we released InSpec, an open-source project for infrastructure and test automation that helps companies incorporate compliance into their deployment pipelines. Today, after 70 releases, and with a great development community to support us, we are proud to announce InSpec 1.0 and the launch of inspec.io.
Read moreSpeed AND Safety: No Longer at Odds
By Lucas Welch
Today in IT, the need to maintain security and governance is often at odds with the imperative to move quickly. At this year’s ChefConf, compliance and security were topics of much discussion among presenters and attendees alike.
Read moreChef at Bank Hapoalim
Bank Hapoalim is Israel’s largest bank and was named by The Banker magazine as Bank of the Year in Israel for 2015. The bank’s Unix and Linux team has been using Chef for only about five months and they have made enormous progress automating their infrastructure in a highly secure environment.
Read more