Chef Software is the First CIS Partner Certified on AWS, Azure, and GCP

Chef is excited to announce that we have achieved official Center for Internet Security certification on the Amazon Web Services Foundations Benchmarks (level 1 & level 2). With this certification, Chef Software is the first CIS partner to be certified on all three cloud providers for which they publish security benchmarks: Amazon Web Services, Microsoft […]

Read More

Achieving Federal Compliance with Chef Automate and Chef InSpec

Federal agencies work hard to provide value to consumers of their services, but in order to deliver updates at the velocity their customers demand, they must ensure their infrastructure is hardened and secure throughout the software development lifecycle. Chef Software, for over a decade, has helped Federal agencies automate how they build and manage this […]

Read More

Reducing Audit Pain with Continuous Compliance

No one questions that audits are stressful, painful and time-consuming. But organizations — financial institutions especially — must conduct audits to ensure security and validate compliance regulatory requirements. As security threats increase or regulations change, entities in turn must conduct more audits. But how can a company stay competitive when so much time and resources […]

Read More

How CSG Decreased Audit Times by 80% Through Automation

When it comes to audits, many organizations face a dilemma: how to decrease the time and effort spent while improving results? In preparation for an annual PCI audit, Carter McHugh, Executive Director of Agile Architecture at CSG International, decided to partner with Chef Software to automate their audit processes. As a result, CSG reduced audit […]

Read More

Announcing InSpec 3.0

We’re excited to announce the release of InSpec 3.0! Since the last major revision of InSpec in February, InSpec has been downloaded 49270 times, we’ve merged more than 330 pull requests from 85 contributors, and added dozens of new resources. The 3.0 release includes a ton of bug fixes, usability improvements, and additional platform support. […]

Read More

InSpec compliance profiles for Azure’s CIS Benchmark and Azure Cloud Scanner in Chef Automate 2.0

InSpec by Chef is a powerful “compliance as code” tool powered by an ever growing number of compliance profiles and target resources. It enables users to achieve continuous compliance across their IT environments. Over the last six months Chef has created dedicated teams to create and test profiles for a variety of OSs and Cloud […]

Read More

Moving forward with PowerCLI instead of InSpec-VMware

Summary If you use the VMware ecosystem in your day to day job, you may have seen the incubation InSpec project inspec-vmware and got excited about the possibilities of running InSpec tests against your VMware Software Defined Data Centers (SDDC)s and VMware on AWS. If you haven’t seen the inspec-vmware project, imagine the ability to audit/validate […]

Read More

Continuous Compliance for Painless Ongoing Audits

Audits are stressful. If your organization is subject to regulatory compliance rules, chances are you’ve experienced firsthand how time-consuming and painful they can be. Preparing for and satisfying an audit is often a multi-month process with e-mails and documents flying between auditors, compliance officers, information security professionals, and the teams responsible for your infrastructure and […]

Read More

Using InSpec with Cisco IOS Devices

On Wednesday, August 1, we presented a webinar on using InSpec with Cisco IOS network devices. Today, fewer than 10% of network teams are using any automation tools, yet through the NetOps 2.0 movement, network administrators are starting to adopt some of the best practices from development and operations, realizing, as Gartner says in the […]

Read More