What to Talk About at ChefConf 2020 – Chef InSpec

The ChefConf 2020 CFP is well underway. Have you put your topic in yet? If you’re still thinking about what talk you’d like to present, maybe you’re considering a talk about Chef InSpec?  InSpec is a powerful tool for investigating and reporting on the security of your various infrastructure components, including resources in the cloud. Organizations […]

Read More

5 Things You Can Do with Chef InSpec Input

Chef InSpec defines security and compliance rules as executable code for testing and auditing applications and infrastructure. Chef InSpec compares the actual state of a system with the desired state that is expressed in easy-to-read and easy-to-write code. As more and more diverse technologies are deployed across data centers, hybrid, or cloud estates, validating compliance […]

Read More

What’s in an endpoint? Managing laptops with Chef

For over 11 years Chef customers and community have trusted us to manage their infrastructure and servers, so it should be no surprise that you can also manage desktops and laptops just as effectively by using Chef Effortless Infrastructure Suite. Chef on Chef for desktop (or laptop) management Chef itself has transitioned to using our […]

Read More

Protect Yourself From the RubyGems Backdoor by InSpec’ing Your Fleet

Chef has invested a lot with the Enterprise Automation Stack in security. With Chef InSpec you can easily scan your systems for potential vulnerabilities and then leverage Chef Infra to run remediation across your entire fleet. This is important because last week’s RubyGems vulnerability likely affected other software you have deployed that uses Ruby. To […]

Read More

Chef Confirms No Products Affected by Backdoored RubyGems

At Chef, we have a cross-functional security team who evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems. Shortly after the news of the compromise became […]

Read More

Secure Your Cloud Estate with Continuous Audits

To meet the demands of an ever more connected world, executing on a comprehensive cloud strategy has become a critical component for organizations at any scale. While cloud platforms have made it incredibly easy to define and scale environments on demand, with those capabilities come new challenges in how to validate that those environments have […]

Read More