Preparing for April End of Support Dates

This coming April will mark one year since the introduction of the Chef Enterprise Automation Stack. As part of this release, we announced that all of our products are now open source under the Apache 2 license and that Chef’s tested, enterprise-ready software distributions (binaries) are subject commercial license terms going forward.  Today anyone can […]

Read More

Secure Your Cloud Estate with Continuous Audits

To meet the demands of an ever more connected world, executing on a comprehensive cloud strategy has become a critical component for organizations at any scale. While cloud platforms have made it incredibly easy to define and scale environments on demand, with those capabilities come new challenges in how to validate that those environments have […]

Read More

Chef Software is the First CIS Partner Certified on AWS, Azure, and GCP

Chef is excited to announce that we have achieved official Center for Internet Security certification on the Amazon Web Services Foundations Benchmarks (level 1 & level 2). With this certification, Chef Software is the first CIS partner to be certified on all three cloud providers for which they publish security benchmarks: Amazon Web Services, Microsoft […]

Read More

Detect Kubernetes Vulnerabilities with InSpec

Earlier this week a critical security vulnerability was uncovered in the Kubernetes API server. The vulnerability, CVE-2018-1002105, uncovers an attack vector that would allow an unprivileged or unauthenticated user to escalate their privileges and run arbitrary commands with cluster-admin level access. The severity of this vulnerability is compounded by the fact that because these unauthorized […]

Read More

Preparing for Audits with InSpec

Preparing for a compliance audit can be an overwhelming process. Coordinating and translating requirements between teams is often a time consuming, manual process, regressions uncovered between audits can drive friction between internal IT and security teams, and between the rise of cloud and container solutions and numerous emerging regulatory frameworks, the sheer breadth of what […]

Read More

Announcing InSpec 3.0

We’re excited to announce the release of InSpec 3.0! Since the last major revision of InSpec in February, InSpec has been downloaded 49270 times, we’ve merged more than 330 pull requests from 85 contributors, and added dozens of new resources. The 3.0 release includes a ton of bug fixes, usability improvements, and additional platform support. […]

Read More