Chef is excited to announce that we have achieved official Center for Internet Security certification on the Amazon Web Services Foundations Benchmarks (level 1 & level 2). With this certification, Chef Software is the first CIS partner to be certified on all three cloud providers for which they publish security benchmarks: Amazon Web Services, Microsoft […]
Read MoreAuthor: Nick Rycar
Securing Access in Cloud Environments with Saviynt and Chef
The days where we wondered whether or not our organization would choose to migrate workloads to the cloud are long behind us. Today the question is not if we’ll move these workloads, but how many, and how quickly we can do so. As more and more of us undergo cloud migration initiatives, we find we […]
Read MoreDetect Kubernetes Vulnerabilities with InSpec
Earlier this week a critical security vulnerability was uncovered in the Kubernetes API server. The vulnerability, CVE-2018-1002105, uncovers an attack vector that would allow an unprivileged or unauthenticated user to escalate their privileges and run arbitrary commands with cluster-admin level access. The severity of this vulnerability is compounded by the fact that because these unauthorized […]
Read MorePreparing for Audits with InSpec
Preparing for a compliance audit can be an overwhelming process. Coordinating and translating requirements between teams is often a time consuming, manual process, regressions uncovered between audits can drive friction between internal IT and security teams, and between the rise of cloud and container solutions and numerous emerging regulatory frameworks, the sheer breadth of what […]
Read MoreAnnouncing InSpec 3.0
We’re excited to announce the release of InSpec 3.0! Since the last major revision of InSpec in February, InSpec has been downloaded 49270 times, we’ve merged more than 330 pull requests from 85 contributors, and added dozens of new resources. The 3.0 release includes a ton of bug fixes, usability improvements, and additional platform support. […]
Read MoreVideo Series: Intro to AWS OpsWorks for Chef Automate
This week we’re pleased to release a new video series, Intro to AWS OpsWorks for Chef Automate. In this playlist, we provide a concise overview of OpsWorks for Chef Automate, a fully-managed offering of the Chef Automate platform on Amazon Web Services, along with practical usage examples so you can follow along in your own […]
Read MoreContinuous Compliance for Painless Ongoing Audits
Audits are stressful. If your organization is subject to regulatory compliance rules, chances are you’ve experienced firsthand how time-consuming and painful they can be. Preparing for and satisfying an audit is often a multi-month process with e-mails and documents flying between auditors, compliance officers, information security professionals, and the teams responsible for your infrastructure and […]
Read MoreMigrating Legacy Windows Applications with Habitat
Two years ago, Chef launched Habitat as a way to enable application teams to build, deploy, and manage any application in any environment. By packaging applications such that they can be deployed to any runtime, from bare metal servers to containers, Habitat makes it easier than ever to ensure your apps run anywhere your business […]
Read MoreAutomating Cloud Compliance with AWS OpsWorks for Chef Automate
Chef, InSpec, and Habitat provide workflows for automating everything you manage, from infrastructure configuration to security auditing to application releases. Chef Automate ties these projects together with a powerful dashboard that aggregates data from all of your environments and provides a shared world view of the configuration and security of your estate for everyone within […]
Read MoreIntroducing Chef Workstation
We’re excited to announce the release of Chef Workstation, providing everything you need to get started with Chef with a simple one-click installation. Ad-Hoc Configuration Management with chef-run Chef Workstation comes with the new chef-run utility, which can be used to execute chef code on any remote system accessible via SSH or WinRM. This provides […]
Read More