Case Study Background

Customer Stories

Public Cloud Infrastructure Compliance Scanning at SAP with Chef

Download Case Study

Challenge

The breadth of the SAP portfolio of solutions offered in the public cloud alone means there are many organizations within the company involved with a variety of development tooling, pipelines and various ways of operating. The company needed to accommodate and approach this in different ways and make it easy to avoid security misconfigurations. If such issues occur, then a quick resolution needs to be ensured.

Solution

Chef Cloud Security empowers SAP to solve misconfigurations early. Containerizing Chef InSpec has given SAP a highly flexible tool for teams throughout the company to use as they manage the compliance of their cloud accounts.

Impact

With Chef, SAP has been able to:

  • Take control of cloud accounts with CSPM
  • Shift-left security and compliance by empowering teams and resolving misconfigurations early
  • Chef’s open-source process offers flexibility, allowing SAP to develop its own control set
SAP logo

About SAP

SAP, the market leader in enterprise application software that helps companies of all sizes and industries run better, has reshaped their processes to enable the speed developers need. In this article, Ran Kahal and Martin Schygulla share insights on their mission to provide developer services at SAP. Ran is director of SAP’s DevOps Center of Excellence (CoE); a worldwide team operating in geographically distributed areas like Germany, Israel, France, Mexico, and the United States. His organization creates and manages a variety of test infrastructures where developers can work on their applications. Martin works within that group as DevOps Automation manager for a team that handles Chef, anything else related to automation, and policy enforcement.

The code base being open source allows SAP to add new functionality and even cloud platforms to Chef InSpec’s capabilities, and therefore gives us the freedom and control to implement the detective controls we want, as long as the public cloud provider’s API supports it.

Jay Thoden van Velzen Head of Security Operations, SAP Multi Cloud

Ready to Get Started?

Contact Sales
Company
Using Chef
Legal
Connect with us
Contact Us

Chef is part of the Progress product portfolio. Progress is the leading provider of application development and digital experience technologies.

Copyright © 2024 Progress Software Corporation and/or its subsidiaries or affiliates. All Rights Reserved.

Progress, Telerik, Ipswitch, Chef, Kemp, Flowmon, MarkLogic, Semaphore and certain product names used herein are trademarks or registered trademarks of Progress Software Corporation and/or one of its subsidiaries or affiliates in the U.S. and/or other countries. See Trademarks for appropriate markings.

Do Not Sell or Share My Personal Information

Powered by Progress Sitefinity