Achieving Federal Compliance with Chef Automate and Chef InSpec

Chef Open Source Community News

Federal agencies work hard to provide value to consumers of their services, but in order to deliver updates at the velocity their customers demand, they must ensure their infrastructure is hardened and secure throughout the software development lifecycle. Chef Software, for over a decade, has helped Federal agencies automate how they build and manage this […]

Read More

Policyfiles: A Chef Best Practice


I am excited to announce that Policyfiles are now covered in Learn Chef Rally. Policyfiles have become mainstream and are a best practice for managing your estate with Chef. Policyfiles have a number of clear benefits: They ensure the cookbooks running in production are the same versions that were tested against; providing safer development workflows […]

Read More

Reducing Audit Pain with Continuous Compliance

No one questions that audits are stressful, painful and time-consuming. But organizations — financial institutions especially — must conduct audits to ensure security and validate compliance regulatory requirements. As security threats increase or regulations change, entities in turn must conduct more audits. But how can a company stay competitive when so much time and resources […]

Read More

Chef Habitat and the runC vulnerability (CVE-2019-5736)

An article was shared yesterday detailing a runC vulnerability that affects Docker and Kubernetes where a malicious container can overwrite a host system’s runC binary, thus allowing root-level code execution on the host. This is an operations nightmare and it made me think of how Chef Habitat can help in these situations. I’d like to give […]

Read More