Looking for a specific timezone? We have it covered...
View analytic
Tuesday, October 24 • 06:15 - 07:00
Continuous Patch and Security Assessment with InSpec

Sign up or log in to save this to your schedule and see who's attending!

Best-practices for server hardening and patching have been in place for decades. Nevertheless, it is still very cumbersome to enforce those rules continuously and many servers are still unsecured in 2016. DevOps tools like Chef, Puppet or Ansible help to enforce secure configuration, but they cannot fully assess a state of a machine e.g. you cannot easily verify if something is not installed. InSpec is here to help. It is an open source tool for infrastructure, security and compliance testing. InSpec’s DSL is a human and machine-readable assessment language that is extendable and customizable. Since testing can be fully automated with InSpec, companies are enabled to assess and enforce secure configuration across their IT fleet. Integration with CI/CD systems allows continuous testing in high-velocity organizations. This talk will give an introduction to InSpec and demonstrate how patch and security level can be assessed in CI/CD and production environments.

avatar for Christoph Hartmann

Christoph Hartmann

Christoph is a leading the compliance engineering at Chef, and founder who spent the last decade building complex software and infrastructure systems. He is the co-founder and creator of InSpec, Chef Compliance, and the dev-sec.io project. Prior to this, Christoph was res... Read More →

Tuesday October 24, 2017 06:15 - 07:00
Automated Security: Europe

Attendees (488)