DEVOPSdigest

Chef announced a number of new products designed to enable coded enterprises to work across silos to build competitive advantage through automation.

The newly introduced Chef Compliance and Chef Desktop, in addition to notable enhancements to Chef’s application delivery capabilities, help organizations enforce and maintain compliance; deploy, manage, and secure desktop, laptop and kiosk workstation fleets and accelerate application definition and delivery.

DevSecOps innovations introduced today include:

Chef Compliance

Building on Chef’s long history of innovation in compliance automation, Chef Compliance, available today, builds on Chef InSpec to help enterprises maintain compliance and prevent security incidents across heterogeneous hybrid and multi-cloud estates while improving speed and efficiency. Standards-based audit and remediation content, easily-tuned baselines and comprehensive visibility and control make it easy to maintain and enforce compliance across the enterprise.

New offerings include:

- Chef Compliance Audit: Designed specifically for information security and SecOps teams who wish to maintain complete visibility over the compliance status of their estate. It provides extensive audit content based on Center for Internet Security (CIS) and Security Technology Implementation Guide (STIG) standards that can be easily tuned to meet specific needs.

- Chef Compliance Remediation: Designed specifically for Infrastructure and Operations teams to help close the loop between audit and remediation and enable continuous compliance in the enterprise. New remediation functionality and trusted, standards-based content makes it easy to remediate issues uncovered during audits without writing code.

Chef Compliance features integrated capabilities across all five stages of the compliance lifecycle:

- Acquire: Access CIS certified and Chef-hardened and curated content aligned to industry benchmarks for audit and remediation. With newly available remediation content, organizations can ensure remediation actions align directly to audit results.

- Define: Chef now makes it easy to define compliance baselines and tune them to the organization’s unique needs. Flexible compliance waiver capabilities allow teams to turn on or off individual controls in order to avoid false positives and misconfigurations.

- Detect: Continuously monitor and evaluate compliance posture by detecting deviations from intended state at any point in the software delivery lifecycle.

- Remediate: Remediate non-compliance with newly available remediation capabilities that efficiently address individual controls in alignment with audit tests, encoding those fixes to enable continuous compliance.

- Report: Maintain comprehensive and up-to-date visibility across heterogeneous estates, easily view differences between baseline and remediated states and track waiver status to enable fast and accurate audits any time.

Chef Desktop

Chef Desktop, available today, enables IT managers to write their own configuration and compliance requirements as human-readable code (YAML), in order to deploy, manage and secure entire fleets of laptops, desktops or workstations from a central location. Organizations can gain control over IT resources, ease the management burden, and ensure compliance to minimize risk. Chef Desktop also includes pre-written configuration code, with highly-curated content to audit and harden popular laptop and desktop operating systems. This approach helps IT resource managers gain value immediately while maintaining ultimate flexibility to meet enterprise-specific needs.

New innovations include:

- Zero-touch process for enrollment and provisioning of laptops/desktop endpoints (for Mac & Windows)

- Automated software/application deployment and management

- Automated policy setting on endpoints with flexibility to fine-tune

- Low-lift rollout of software and application updates

- Transparent device known states via artifacts (e.g. cookbooks/profiles, etc.) to facilitate auditing and remediation

- Security policy enforcement via configuration profiles, data encryption and system updates

Application Delivery

New innovations in Chef Enterprise Automation Stack provide advanced automation capabilities for defining, packaging and delivering applications to help clients deliver applications consistently, securely, and reliably. Defining applications based on six core requirements enables IT teams to drive better outcomes across all applications (COTS and custom, Windows and Linux) and environments (cloud, containers, on-premises, and edge). These include application version, config instructions, build instructions, dependencies, relationships and run-time instructions.

New innovations include:

- Enhanced analytics enable users to filter and update views for disconnected services and receive real-time health check messages and statuses

- Advanced application delivery capabilities in Chef Habitat 1.6 included rapid rollback, package clean-up and layered container support

- Improved package management makes it easier to manage package settings and deploy multi-platform packages

“Today’s announcement clearly demonstrates the significant innovations that we, in close collaboration with our community, have made since ChefConf last year,” said Corey Scobie, CTO, Chef. “By simplifying software deployment, solving pressing security and compliance challenges in hybrid environments and managing distributed devices in this remote-first world, we are making our customers more effective and enabling coded enterprises to attain the full scope of their IT ambitions.”

“Chef’s product innovation is moving faster than ever before and meeting our customers’ most pressing needs for DevSecOps,” said Barry Crist, CEO, Chef. “Since our last ChefConf, we have been intensely focused on harnessing our long experience in operating at massive scale and speed while enabling unprecedented ease-of-use. I am proud to say that Chef today is truly defining the future of IT automation for Coded Enterprises.”