Parasoft earned a top spot as a Leader and Fast Mover in the latest GigaOm Radar Report on API Functional Automated Testing.
Chef Announces InSpec 2.0
February 20, 2018
Chef announced InSpec 2.0, a compliance automation solution that accelerates DevSecOps by allowing cross-functional application, infrastructure and security teams to assess and remediate compliance issues from development through the entire software delivery lifecycle.
InSpec 2.0 provides cloud configuration testing (including Microsoft Azure and AWS), more than 30 new conformance capabilities (including Docker, IIS, NGINX and PostgreSQL), enhanced integration with third-party tools and improved ease-of-use and customizability.
InSpec is the first step in Chef’s "Detect, Correct, Automate" approach to cloud migration and continuous automation. It helps organizations maintain an up-to-date view of compliance status in production, detect security issues long before they reach production and reduce risk while delivering applications faster. An open-source framework for describing security and compliance rules that can be shared between software engineers, operations and security engineers, InSpec enables compliance at velocity at all stages of the software delivery process, from the developer’s workstation all the way to production, with no performance impact or side-effects. InSpec’s readability means it is easy to use and understand for all team members, including those whose roles involve minimal coding.
New Capabilities
- Cloud configuration compliance: InSpec 2.0 gives users the ability to write compliance rules against cloud resources, including AWS and Microsoft Azure, with user-defined custom compliance policies.
- Improved user experience: InSpec 2.0 contains more than 30 new resources, allowing users to write compliance rules for many common applications and configuration files without requiring any programming knowledge. These include Docker, security keys (RSA/DSA/x509), webserver (IIS/nginx/Apache) configurations, packages (both system as well as Perl/R/etc.), PostgreSQL and MySQL database configurations, XPath matching in XML config files, ZFS storage pool configurations and many more.
- New integrations: InSpec results can now be exported as JUnit format for integration into continuous delivery tools such as Jenkins and can pull compliance profiles from Chef Automate. Previously-announced integration with Amazon Systems Manager (SSM) provides a frictionless on-ramp to InSpec in the cloud.
- Improved performance: InSpec 2.0 runs 90 percent faster than InSpec 1.0 on Windows and 30 percent faster on Linux.
“InSpec 2.0 builds on our commitment to build the essential tools and services needed for modern application teams to truly deliver on the promise of DevSecOps, fully integrating security with development and deployment for traditional and cloud-native software delivery,” said Marc Holmes, VP of Marketing at Chef. “InSpec provides an easy-to-learn, open-source path to incorporating security and compliance requirements as code directly with the delivery process, ensuring that applications and infrastructure are compliant every step of the way -- not just at the end of the process.”
Industry News
February 03, 2025
February 03, 2025
Linux Foundation Europe and OpenSSF announced a global joint-initiative to help prepare maintainers, manufacturers, and open source stewards for the implementation of the EU Cyber Resilience Act (CRA) and future cybersecurity legislation targeting jurisdictions around the world.
January 30, 2025
OutSystems announced the general availability (GA) of Mentor on OutSystems Developer Cloud (ODC).
January 30, 2025
Kurrent announced availability of public internet access on its managed service, Kurrent Cloud, streamlining the connectivity process and empowering developers with ease of use.
January 29, 2025
MacStadium highlighted its major enterprise partnerships and technical innovations over the past year. This momentum underscores MacStadium’s commitment to innovation, customer success and leadership in the Apple enterprise ecosystem as the company prepares for continued expansion in the coming months.
Traefik Labs Delivers API Gateway and Ingress Controller Integration for Nutanix Kubernetes Platform
January 29, 2025
Traefik Labs announced the integration of its Traefik Proxy with the Nutanix Kubernetes Platform® (NKP) solution.
January 28, 2025
Perforce Software announced the launch of AI Validation, a new capability within its Perfecto continuous testing platform for web and mobile applications.
January 28, 2025
Mirantis announced the launch of Rockoon, an open-source project that simplifies OpenStack management on Kubernetes.
January 28, 2025
Endor Labs announced a new feature, AI Model Discovery, enabling organizations to discover the AI models already in use across their applications, and to set and enforce security policies over which models are permitted.
January 27, 2025
Qt Group is launching Qt AI Assistant, an experimental tool for streamlining cross-platform user interface (UI) development.
January 27, 2025
Sonatype announced its integration with Buy with AWS, a new feature now available through AWS Marketplace.
January 27, 2025
Endor Labs, Aikido Security, Arnica, Amplify, Kodem, Legit, Mobb and Orca Security have launched Opengrep to ensure static code analysis remains truly open, accessible and innovative for everyone:
January 23, 2025
Progress announced the launch of Progress Data Cloud, a managed Data Platform as a Service designed to simplify enterprise data and artificial intelligence (AI) operations in the cloud.
January 23, 2025
Sonar announced the release of its latest Long-Term Active (LTA) version, SonarQube Server 2025 Release 1 (2025.1).
January 23, 2025
Idera announced the launch of Sembi, a multi-brand entity created to unify its premier software quality and security solutions under a single umbrella.
