Survey Results: DevSecOps Drives Efficiency, Security, and Agility

Recently, Chef commissioned a survey of security professionals in order to provide greater insight into what security leaders are most concerned with and how collaboration with I&O (Infrastructure & Operations) is needed within enterprise-sized organizations.

Read more

Chef InSpec recognized for Compliance Automation Tools in Gartner Report

We believe Gartner provides very useful guidance for organizations struggling with balancing the need to deliver products and services to market faster while having to deal with regulations and compliance requirements that may overburden their teams.

Read more

Product Announcement: Chef Habitat 1.5 Now Available

Chef Habitat provides automation capabilities for defining, packaging, and delivering applications to almost any environment with any operating system, on any platform. Over the last year, we’ve seen organizations like Alaska Airlines, Rakuten, Walmart, and Rizing address a broad range of application delivery automation challenges with Habitat.

Read more

Chef Confirms No Products Affected by Backdoored RubyGems

At Chef, we have a cross-functional security team who evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems.

Read more
Posted in:

Cloud Security Assessments in AWS

In our most recent webinar, Cloud Security Assessment for AWS Instances, we took a look at how Chef can help to secure environments in Amazon Web Services.

Read more

Chef Server 12.4.0 Release Announcement Includes Security Updates

Ohai Chefs, We’re pleased to announce that today we’ve released Chef Server 12.4.0. We have updated the version of Ruby on Rails in oc-id to fix a number of posted CVEs. Chef Server now has a Universe endpoint, which provides the same output as Supermarket or berkshelf-api universe endpoints. More details can be found here.

Read more

Chef Management Console 2.1.2 Security Release

Manage 2.1.2 is now available from the Chef downloads site. Manage 2.1.2 is a security release to address a number of Rails CVEs. It is recommended that all users of the Chef Management Console upgrade. The full change log is availble here: https://manage.chef.

Read more

Supermarket 2.3.2 Security Release

Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates. Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository.

Read more

Chef Management Console 2.1.0 Release and 2.1.1 Security Release

Manage 2.1.0 and 2.1.1 are now available from the Chef downloads site. Manage 2.1.1 is a security release to address a cross site scripting vulnerability that was discovered to exist in previous versions of Manage, including 2.1.0 and the 1.x series. Manage 2.1.0 is a major version bump from 1.21.1 to 2.1.

Read more

Security Releases: Chef Server 12, Enterprise Chef 11, Chef Manage

Ohai Chefs! Today we have releases of Chef Server 12.1.0, Enterprise Chef Server 11.3.2, and Chef Manage 1.17.0 which contain the following security updates: Redis 2.8.21 This update addresses CVE-2015-4335, a remote code execution vulnerability in Redis.

Read more

Chefconf Blog Banner Sidebar
Survey Blog Banner Sidebar