Speed AND Safety: No Longer at Odds

Today in IT, the need to maintain security and governance is often at odds with the imperative to move quickly. At this year’s ChefConf, compliance and security were topics of much discussion among presenters and attendees alike. Enterprise IT teams are adopting a new way to deliver experiences for customers safely and quickly: by expressing […]

Read More

Chef Compliance 1.0 Release

Chef Compliance 1.0 is now available from the Chef downloads site. This is a major release update which is recommended for all users of Chef Compliance.  We enhanced capabilities for Chef Compliance to enable automated management of compliance policies that are based on the broadly used Center for Internet Security (CIS) benchmarks. Users can now […]

Read More

Chef Compliance 0.16.19 Release

Chef Compliance 0.16.9 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release: Enhancements: Show entire stack trace on connectivity errors Report security patches for Ubuntu In reports, show each failed […]

Read More

Chef Compliance 0.9.11 Release

Chef Compliance 0.9.11 is now available from the Chef downloads site. This is a minor release update which is recommended for all users of Chef Compliance. Here are the enhancements and bug fixes included in this release: Enhancements: Improve Windows OS detection in inspec Optimize the error output for missing registry keys Specify process supervision type […]

Read More

Chef Begins New Era of DevOps for the Enterprise with Release of New Products

Releases Chef Delivery for Full-Stack Workflow Automation; Introduces Chef Compliance to Help Enterprises Best Meet Stringent Regulatory Requirements for Compliance and Security SEATTLE and LONDON – November 3, 2015 – Chef, the leader in automation for DevOps, today announced at the European Chef Community Summit new products that automate change management for the entire application […]

Read More

You Got Unix In My Ruby!

Or: Writing Ruby test code to verify Unix/Linux systems for auditing purposes Many organizations must adhere to PCI-DSS requirements, or similar standards. However, those standards are often not specific, so we cannot rely on them to give implementation details. The CIS Benchmarks provide technical recommendations with specific commands and scripts to audit systems, and remediate […]

Read More

System Archaeology Through Testing

As you may be aware, I have been working on a Chef audit-mode cookbook that implements the CIS Benchmarks. I recently added coverage for Ubuntu 14.04. In this post, I want to share a discovery about OS-level configuration that is inherently against the recommendation from the benchmark, and the way users can remediate this using […]

Read More