Announcing InSpec 2.0

We are delighted to announce the availability of InSpec 2.0, the newest version of Chef’s open-source project for compliance automation. InSpec helps you express security and compliance requirements as code and incorporate it directly into the delivery process, eliminating ambiguity and manual processes to help you ship faster while remaining secure. What’s New in InSpec […]

Read More

Chef Automate Release – February 2018

Last week Chef announced the February release of Chef Automate. This marks the GA release of the compliance scanner with job scheduling, and adds features to make analysis easier, such as date-range search. Chef Automate now provides compliance scanning capabilities for a full range of enterprise needs: agent-based scans to provide continuous visibility into status; […]

Read More

Successfully Migrate to the Cloud with Chef and AWS

By providing organizations with the ability to launch and scale environments on-demand, the cloud has changed how we develop applications and deploy infrastructure, allowing us to iterate faster than previously imaginable. It’s no surprise, then, that cloud migrations have become a hot topic in our industry. A recent survey of Chef users found that a […]

Read More

Supporting your Journey to Continuous Automation on Learn Chef Rally

Most successful organizations pursue continuous automation in three stages: detect, correct, and automate. Our very own Nick Rycar recently covered this framework at length in both a blog post and webinar. In case you missed it, adopting the DCA frameworks means: Detecting where your systems deviate from your standards. Correcting any deviations to meet your […]

Read More

2018 Compliance Survey Results: Compliance Lays Path to Agility for Software Delivery with ‘Detect, Correct, Automate’ Approach

Last year, we conducted a survey of more than 1,500 Chef customers to help us better understand their most pressing issues related to automation: productivity, roles and technology adoption. As we’ve noted in the past, the highest-performing software organizations are able to outperform their peers in each of three key areas, and associated metrics. Speed: […]

Read More

Applying Compliance on Azure Government with InSpec

In government, compliance and security are a critical component of our job function. The current state of compliance frameworks are bulky and unwieldy for those inexperienced with OpenSCAP/XML. Microsoft Azure Government cloud and InSpec are designed to provide a common language for security, compliance, and automation teams to converge around. Azure Government is designed to […]

Read More

Chef Open Source Community News – January 2018

Chef has always been built atop a very strong open-source community. However, we’ve heard from many of you that it’s hard to find news about new features being developed in our open-source projects. Thus, we are starting 2018 off by trying something new, which is to summarize open source developments in Chef, Habitat, InSpec, and […]

Read More

Detect Spectre and Meltdown Vulnerabilities with InSpec

Earlier this month, Google Project Zero announced several security vulnerabilities in many modern processors, commonly referred to by the names Spectre and Meltdown. These vulnerabilities arise from the exploitation of performance optimizations in modern CPUs, features known as branch prediction and speculative execution. You can read more about these hardware vulnerabilities at the Spectre Attack […]

Read More

Improvements for Windows and InSpec

We are proud to announce some major improvements recently implemented in InSpec. Jerry Aldrich and I, two members of Chef’s InSpec Engineering team, have added two features which considerably improve performance when used with the Windows platform. Backend Caching Improvements First, we have added backend caching for commands. This change enables InSpec to cache the […]

Read More