The blog below is a guest blog post written by Logz.io, one of our ChefConf Online sponsors. For those of you on the Sec (security) side of DevSecOps, DevOps is a cultural and philosophical change to facilitate business alignment and to deliver higher quality software faster. Where DevOps Started It started off by changing the […]
Read MoreTag: security
Upgrading Chef Infra: Why Upgrade
Welcome back to Upgrading Chef Infra! Last week we kicked things off with a brief introduction and a review of some key concepts. Today we’ll see how Chef Infra has evolved in recent years, and take a look at improvements that have been implemented throughout major releases. While we will discuss some items in detail, […]
Read MoreSurvey Results: DevSecOps Drives Efficiency, Security, and Agility
Recently, Chef commissioned a survey of security professionals in order to provide greater insight into what security leaders are most concerned with and how collaboration with I&O (Infrastructure & Operations) is needed within enterprise-sized organizations. We sought out to determine how important DevSecOps is within the Software Development Life Cycle (SDLC), the importance of Audits […]
Read MoreChef InSpec recognized for Compliance Automation Tools in Gartner Report
We believe Gartner provides very useful guidance for organizations struggling with balancing the need to deliver products and services to market faster while having to deal with regulations and compliance requirements that may overburden their teams. The report is titled 3 Steps to Ensure Compliance and Audit Success with DevOps, which Chef has made available […]
Read MoreProduct Announcement: Chef Habitat 1.5 Now Available
Chef Habitat provides automation capabilities for defining, packaging, and delivering applications to almost any environment with any operating system, on any platform. Over the last year, we’ve seen organizations like Alaska Airlines, Rakuten, Walmart, and Rizing address a broad range of application delivery automation challenges with Habitat. They’ve improved their developers’ productivity, reduced deployment failures, […]
Read MoreChef Confirms No Products Affected by Backdoored RubyGems
At Chef, we have a cross-functional security team who evaluates and responds to potential security incidents. Because a significant portion of our code uses Ruby and Ruby libraries (known as “gems”), we have been paying close attention to the reports of malicious code insertion into several gems. Shortly after the news of the compromise became […]
Read MoreCloud Security Assessments in AWS
In our most recent webinar, Cloud Security Assessment for AWS Instances, we took a look at how Chef can help to secure environments in Amazon Web Services. While our previous webinar focused on providing a high-level overview of the challenges organizations face when securing workloads in the cloud, this time around we gave a hands-on […]
Read MoreChef Server 12.4.0 Release Announcement Includes Security Updates
Ohai Chefs, We’re pleased to announce that today we’ve released Chef Server 12.4.0. We have updated the version of Ruby on Rails in oc-id to fix a number of posted CVEs. Chef Server now has a Universe endpoint, which provides the same output as Supermarket or berkshelf-api universe endpoints. More details can be found here. […]
Read MoreChef Management Console 2.1.2 Security Release
Manage 2.1.2 is now available from the Chef downloads site. Manage 2.1.2 is a security release to address a number of Rails CVEs. It is recommended that all users of the Chef Management Console upgrade. The full change log is availble here: https://manage.chef.io/changelog
Read MoreSupermarket 2.3.2 Security Release
Supermarket 2.3.2* is now available. This release contains bug fixes, minor enhancements, and security updates. Supermarket version 2.3.2 is a recommended update for all users running their own instances of Supermarket. Packages are available in the stable repository. Upgrading to this version can be as simple as a chef-client run on your hosts—if you’ve left […]
Read More