Chef InSpec

Compliance by design

Chef InSpec can be used for

Compliance Infrastructure Provisioning

Codify agreements

Combine profiles and customize them with overlays. Pick controls and define exceptions as code.

Add context to your tests

Utilize many fields like descriptions, tags, and impact.

Apply to all systems

Analyze everything using the same codified profiles and controls.

control 'sshd-21' do
  title 'Set SSH Protocol to 2'
  desc 'A detailed description'
  impact 1.0 # This is critical ref 'compliance guide, section 2.1'
  describe sshd_config do
  its('Protocol') { should cmp 2 }

Get started in 3 simple steps

Write the test

Create simple Ruby-based tests to verify your expected state against the current state of your systems.

control 'example-1.0' do
  impact 0.9
  title 'Ensure login disabled'
  desc 'An optional description...'
  describe sshd_config do
    its('PermitRootLogin') {
      should_not cmp 'yes'

Run the test

Execute your test against your target system locally or remotely with one simple command.

$ inspec exec linux-baseline

See the results

See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.

Profile: Chef InSpec Profile (example_profile)
Version: 0.1.0
Target:  local://

  ✔  example-1.0: Ensure root login is disabled via SSH
  ✔  SSHD Configuration PermitRootLogin should not cmp == "yes"

Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
Test Summary: 1 successful, 0 failures, 0 skipped

Self-learning tutorials

Learn how easy it is to automate the testing of your systems with the Chef InSpec Language

Get started with Chef Compliance, a premium offering that simplifies the auditing and remediation process into a unified workflow.

Community tutorials

By Annie Hedgepeth

By Christian Johannsen

By Jeremy Miller

By blindscientist

InSpec highlights from our Blog

Testing Windows DNS SIGRed Vulnerability with Chef InSpec

Read more

Cyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance

Read more

Automating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec

Read more

View all posts

Wondering how Chef InSpec might work for your team?

Learn more

Last updated