Escape DLL Hell with the Chef Windows IIS Site Migration Accelerator

In order to migrate an application from one Windows Server Operating System to another, we have to be able to gather all of the dynamic-link libraries (“DLLs”). They could be in the bin for the application itself, they could be in the global assembly cache or the GAC, they could be in the system files, […]

Read More

Protect Yourself From the RubyGems Backdoor by InSpec’ing Your Fleet

chef security

Chef has invested a lot with the Enterprise Automation Stack in security. With Chef InSpec you can easily scan your systems for potential vulnerabilities and then leverage Chef Infra to run remediation across your entire fleet. This is important because last week’s RubyGems vulnerability likely affected other software you have deployed that uses Ruby. To […]

Read More

Chef Confirms No Products Affected by Backdoored RubyGems

chef security

At Chef, we have a cross-functional security team who evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems. Shortly after the news of the compromise became […]

Read More

LCR Road Trip: Driving Compliance in the age of DevSecOps 

Hitting the Road with Learn Chef Rally Are you concerned with securing systems and ensuring changes do not open security holes? Do you want to avoid having your changes rejected in security review or having to redo the work? Do you want to build systems that are secure by design, and have the ability to […]

Read More