Today in IT, the need to maintain security and governance is often at odds with the imperative to move quickly. At this year’s ChefConf, compliance and security were topics of much discussion among presenters and attendees alike. Enterprise IT teams are adopting a new way to deliver experiences for customers safely and quickly: by expressing […]
Read MoreCategory: catv
Chef Compliance 1.0 Release
Chef Compliance 1.0 is now available from the Chef downloads site. This is a major release update which is recommended for all users of Chef Compliance. We enhanced capabilities for Chef Compliance to enable automated management of compliance policies that are based on the broadly used Center for Internet Security (CIS) benchmarks. Users can now […]
Read MoreChef Compliance 0.16.19 Release
Chef Compliance 0.16.9 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release: Enhancements: Show entire stack trace on connectivity errors Report security patches for Ubuntu In reports, show each failed […]
Read MoreChef Compliance 0.9.11 Release
Chef Compliance 0.9.11 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release: Enhancements: Improve Windows OS detection in inspec Optimize the error output for missing registry keys Specify process supervision type […]
Read MoreChef Compliance 0.9.10 Release
Chef Compliance 0.9.10 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes added since the 0.9.6 release: Enhancements: Allow private keys to be updated Report scan failures in API and UI Reports: split […]
Read MoreChef Begins New Era of DevOps for the Enterprise with Release of New Products
Releases Chef Delivery for Full-Stack Workflow Automation; Introduces Chef Compliance to Help Enterprises Best Meet Stringent Regulatory Requirements for Compliance and Security SEATTLE and LONDON – November 3, 2015 – Chef, the leader in automation for DevOps, today announced at the European Chef Community Summit new products that automate change management for the entire application […]
Read MoreHow to Be a Secure Chef
Many Chef users are interested in security. To answer the questions you’ve raised, we’ve put a new article called “How to be a Secure Chef” in the Chef skills library. You’ll find suggestions for securing the Chef server, the Chef client, and your workstation. There’s also a discussion of how to control the promotion of […]
Read MoreYou Got Unix In My Ruby!
Or: Writing Ruby test code to verify Unix/Linux systems for auditing purposes Many organizations must adhere to PCI-DSS requirements, or similar standards. However, those standards are often not specific, so we cannot rely on them to give implementation details. The CIS Benchmarks provide technical recommendations with specific commands and scripts to audit systems, and remediate […]
Read MoreSystem Archaeology Through Testing
As you may be aware, I have been working on a Chef audit-mode cookbook that implements the CIS Benchmarks. I recently added coverage for Ubuntu 14.04. In this post, I want to share a discovery about OS-level configuration that is inherently against the recommendation from the benchmark, and the way users can remediate this using […]
Read MoreTowards Compliance as Code: A Real-World Example
Robert Pirsig’s seminal 1974 book, Zen and the Art of Motorcycle Maintenance, teaches us that quality is an attribute that is inherent to a work product. It is not possible to take something that has low quality and add quality later. In software, this is why “QA teams” in industry are problematic, as you cannot […]
Read More