Combine profiles and customize them with overlays. Pick controls and define exceptions as code.
Add context to your tests
Utilize many fields like descriptions, tags, and impact.
Apply to all systems
Analyze everything using the same codified profiles and controls.
control 'sshd-21' do
title 'Set SSH Protocol to 2'
desc 'A detailed description'
impact 1.0 # This is critical ref 'compliance guide, section 2.1'
describe sshd_config do
its('Protocol') { should cmp 2 }
end
end
Get started in 3 simple steps
Write the test
Create simple Ruby-based tests to verify your expected state against the current state of your systems.
control 'example-1.0' do
impact 0.9
title 'Ensure login disabled'
desc 'An optional description...'
describe sshd_config do
its('PermitRootLogin') {
should_not cmp 'yes'
}
end
end
Run the test
Execute your test against your target system locally or remotely with one simple command.
$ inspec exec linux-baseline
See the results
See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.
Profile: Chef InSpec Profile (example_profile)
Version: 0.1.0
Target: local://
✔ example-1.0: Ensure root login is disabled via SSH
✔ SSHD Configuration PermitRootLogin should not cmp == "yes"
Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
Test Summary: 1 successful, 0 failures, 0 skipped
Self-learning tutorials
Community tutorials
InSpec highlights from our Blog
Testing Windows DNS SIGRed Vulnerability with Chef InSpec
Cyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance
Automating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec
Wondering how Chef InSpec might work for your team?
