What to Expect When You’re InSpec’ing

“What to expect when you’re InSpec-ing” is a series of concise learning segments focused on InSpec topics using InSpec resources and controls in quick examples that demonstrate the feature set of the InSpec compliance and testing suite. To develop the “Auditing with InSpec”  certification, the Chef Training team immersed ourselves in how InSpec worked. The […]

Read More

Augment your Audits with InSpec 2.0

InSpec is a powerful framework for automating the testing and auditing of environments you manage. With the recent release of InSpec 2.0, it’s gotten even better with various performance improvements, extra resources, and for the first time, the ability to scan not only servers, but cloud endpoints with new AWS and Microsoft Azure resources. Last […]

Read More

Chef’s Approach to CIS Critical Security Controls v7.0

The Center for Internet Security (CIS) have just released the latest version of the Critical Security Controls, designed to provide patterns and practices to help protect organizations and data from cyber attacks. These updated controls have been developed based on feedback from actual cyber attacks faced by organizations using input from a wide spectrum of […]

Read More

Migrating to the Cloud with Chef and CTP

A successful cloud migration requires careful planning. Over the past few months, we’ve been taking a look at how your organization can prepare for that migration. In January, my colleague Matt Carter introduced the Shared Responsibility Model, and how Chef can help you validate your areas of concern. In February, I presented a cloud-focused webinar […]

Read More

Deliver Compliant Systems With CloudBolt and Chef Automate

Installing and configuring multi-node systems are common enterprise tasks that can require a tremendous amount of time and resources. As technology continues to evolve, so will the need to effectively deploy and manage these systems. Chef and CloudBolt work together to simplify the installation, configuration, and ongoing compliance, greatly increasing the scalability and stability of […]

Read More

Auditing with InSpec – New Chef Certification Exam

If you read Julian Dunn’s recent blog post and the follow up InSpec 2.0 Cloud Resources Mini-Tutorial you know that Chef recently launched InSpec 2.0. “InSpec helps you express security and compliance requirements as code and incorporate it directly into the delivery process, eliminating ambiguity and manual processes to help you ship faster while remaining […]

Read More

Using AWS Systems Manager to Run Compliance Scans Using InSpec

Starting today, all AWS customers have the ability to perform compliance as code using InSpec through AWS EC2 Systems Manager (SSM). InSpec, an open-source testing framework from Chef, provides teams the ability to define and assess system state and status across the entire application lifecycle. InSpec can already be used with AWS OpsWorks for Chef Automate to […]

Read More

Automate Compliance with AWS OpsWorks for Chef Automate

In an era of rapidly developing threats and continually evolving compliance frameworks, we need to be able to react quickly. The most successful organizations pursue continuous automation in three stages: detect, correct, and automate. In a recent webinar, Mark Rambow, a Software Development Manager with Amazon Web Services and I demonstrated how to implement this three […]

Read More