Chef InSpec Profile for Critical Salt Vulnerabilities

On April 30, 2020, two critical security vulnerabilities were identified with the SaltStack open source project (github.com/saltstack/salt). These vulnerabilities are critical and must be patched to avoid potential take over of your systems. This vulnerability has been assigned the highest severity rating, 10.0, according to the Common Vulnerability Scoring System, an open framework for communicating […]

Read More

Edge Computing: Compliance, Developer Productivity, and Configuration Inconsistencies Top the List of Key Challenges

The edge computing term has become one of the next big buzz words in the IT world. The concept of edge computing is not new and has been around for a while. In fact, almost every organization probably already has one or more use cases that would fall into the bucket of edge computing. Edge […]

Read More

Survey Results: DevSecOps Drives Efficiency, Security, and Agility

Recently, Chef commissioned a survey of security professionals in order to provide greater insight into what security leaders are most concerned with and how collaboration with I&O (Infrastructure & Operations) is needed within enterprise-sized organizations. We sought out to determine how important DevSecOps is within the Software Development Life Cycle (SDLC), the importance of Audits […]

Read More

Secure Your Cloud Estate with Continuous Audits

To meet the demands of an ever more connected world, executing on a comprehensive cloud strategy has become a critical component for organizations at any scale. While cloud platforms have made it incredibly easy to define and scale environments on demand, with those capabilities come new challenges in how to validate that those environments have […]

Read More

Why Coded Enterprises are Winning at DevOps

More than 10 years ago Chef ushered in the era of DevOps with the introduction of Chef, the “infrastructure as code” tool. Fundamental to the success of Chef was the belief that “the best way to build software is to do it in close collaboration with the people who use it.” Today there are more […]

Read More

Chef Software is the First CIS Partner Certified on AWS, Azure, and GCP

Chef is excited to announce that we have achieved official Center for Internet Security certification on the Amazon Web Services Foundations Benchmarks (level 1 & level 2). With this certification, Chef Software is the first CIS partner to be certified on all three cloud providers for which they publish security benchmarks: Amazon Web Services, Microsoft […]

Read More

Achieving Federal Compliance with Chef Automate and Chef InSpec

Federal agencies work hard to provide value to consumers of their services, but in order to deliver updates at the velocity their customers demand, they must ensure their infrastructure is hardened and secure throughout the software development lifecycle. Chef Software, for over a decade, has helped Federal agencies automate how they build and manage this […]

Read More

Reducing Audit Pain with Continuous Compliance

No one questions that audits are stressful, painful and time-consuming. But organizations — financial institutions especially — must conduct audits to ensure security and validate compliance regulatory requirements. As security threats increase or regulations change, entities in turn must conduct more audits. But how can a company stay competitive when so much time and resources […]

Read More