Detect Kubernetes Vulnerabilities with InSpec

Earlier this week a critical security vulnerability was uncovered in the Kubernetes API server. The vulnerability, CVE-2018-1002105, uncovers an attack vector that would allow an unprivileged or unauthenticated user to escalate their privileges and run arbitrary commands with cluster-admin level access. The severity of this vulnerability is compounded by the fact that because these unauthorized […]

Read More

November 2018 OSS Updates

Here’s this month’s round up of what happened in November across the Chef, Habitat, and InSpec open-source communities. Many thanks to all of our contributors this month. Chef This month’s release of Chef 14 is Chef 14.7.17. This release includes three new resources for users on Windows: windows_firewall_rule, to let you manage Windows firewall rules; […]

Read More

A Deeper Dive into InSpec 3 and Google Cloud Platform

The recently released InSpec 3 expands the developer ecosystem for compliance-as-code through plugins, integrations, and other new capabilities. This post will outline some of the ways that InSpec brings compliance-as-code to Google Cloud Platform (GCP). InSpec 3 includes fully supported platform support for GCP and premium content in Chef Automate for the Center for Internet […]

Read More

Preparing for Audits with InSpec

Preparing for a compliance audit can be an overwhelming process. Coordinating and translating requirements between teams is often a time consuming, manual process, regressions uncovered between audits can drive friction between internal IT and security teams, and between the rise of cloud and container solutions and numerous emerging regulatory frameworks, the sheer breadth of what […]

Read More

How CSG Decreased Audit Times by 80% Through Automation

When it comes to audits, many organizations face a dilemma: how to decrease the time and effort spent while improving results? In preparation for an annual PCI audit, Carter McHugh, Executive Director of Agile Architecture at CSG International, decided to partner with Chef Software to automate their audit processes. As a result, CSG reduced audit […]

Read More

Announcing InSpec 3.0

We’re excited to announce the release of InSpec 3.0! Since the last major revision of InSpec in February, InSpec has been downloaded 49270 times, we’ve merged more than 330 pull requests from 85 contributors, and added dozens of new resources. The 3.0 release includes a ton of bug fixes, usability improvements, and additional platform support. […]

Read More

Chef Open Source Community News – September 2018

Here’s this month’s round up of what happened in September across the Chef, Habitat, and InSpec open-source communities. Chef This month’s release of Chef 14 is Chef 14.5.33, which includes two new resources: windows_workgroup, which allows you to modify the system’s Windows workgroup, and locale, which sets the system locale. Thank you to community members […]

Read More