Protect Yourself From the RubyGems Backdoor by InSpec’ing Your Fleet

Chef has invested a lot in security with the Enterprise Automation Stack. With Chef InSpec you can easily scan your systems for potential vulnerabilities and then leverage Chef Infra to run remediation across your entire fleet. This is important because last week’s RubyGems vulnerability likely affected other software you have deployed that uses Ruby. To […]

Chef Confirms No Products Affected by Backdoored RubyGems

At Chef, we have a cross-functional security team that evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems. Shortly after the news of the compromise became […]

5 Steps for Scaling DevOps

During a webinar delivered by Chef’s SVP of Products and Engineering, Corey Scobie, the following five common practices used by DevOps high performers were described: adopt a coded approach; make it easy to work with code; use the right tool for the right job; enable one way to production; shift risk mitigation left. During the […]

Why Coded Enterprises are Winning at DevOps

More than 10 years ago Chef ushered in the era of DevOps with the introduction of Chef, the “infrastructure as code” tool. Fundamental to the success of Chef was the belief that “the best way to build software is to do it in close collaboration with the people who use it.” Today there are more […]

End of Support: A Catalyst to Application Lifecycle Modernization

As many of you know, the standard Microsoft lifecycle policy is 10 years of support (5 for mainstream + 5 for extended support) for business and developer products, such as SQL and Windows servers. At the end of the extended support period, patches or security updates are no longer provided, creating security and compliance issues. […]

Chef Habitat and the runC vulnerability (CVE-2019-5736)

An article was shared yesterday detailing a runC vulnerability that affects Docker and Kubernetes where a malicious container can overwrite a host system’s runC binary, thus allowing root-level code execution on the host. This is an operations nightmare and it made me think of how Chef Habitat can help in these situations. I’d like to give […]
