Chef InSpec

https://community.chef.io/tools/chef-inspec

Compliance by design

Chef InSpec can be used for

Compliance Infrastructure Provisioning

Codify agreements

Combine profiles and customize them with overlays. Pick controls and define exceptions as code.

Add context to your tests

Utilize many fields like descriptions, tags, and impact.

Apply to all systems

Analyze everything using the same codified profiles and controls.

control 'sshd-21' do
  title 'Set SSH Protocol to 2'
  desc 'A detailed description'
  impact 1.0 # This is critical ref 'compliance guide, section 2.1'
  describe sshd_config do
  its('Protocol') { should cmp 2 }
  end
end

Get started in 3 simple steps

Write the test

Create simple Ruby-based tests to verify your expected state against the current state of your systems.

control 'example-1.0' do
  impact 0.9
  title 'Ensure login disabled'
  desc 'An optional description...'
  describe sshd_config do
    its('PermitRootLogin') {
      should_not cmp 'yes'
    }
  end
end

Run the test

Execute your test against your target system locally or remotely with one simple command.

$ inspec exec linux-baseline

See the results

See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.

Profile: Chef InSpec Profile (example_profile)
Version: 0.1.0
Target:  local://

  ✔  example-1.0: Ensure root login is disabled via SSH
  ✔  SSHD Configuration PermitRootLogin should not cmp == "yes"

Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
Test Summary: 1 successful, 0 failures, 0 skipped

Self-learning tutorials

Test Expectations with Chef InSpec

Learn how easy it is to automate the testing of your systems with the Chef InSpec Language

Chef Compliance: First Steps with Auditing and Remediation

Get started with Chef Compliance, a premium offering that simplifies the auditing and remediation process into a unified workflow.

Community tutorials

InSpec highlights from our Blog

Testing Windows DNS SIGRed Vulnerability with Chef InSpec

Cyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance

Automating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec

View all posts

Wondering how Chef InSpec might work for your team?

Learn more

Last updated 2 years ago

hashtagCompliance by design

hashtagChef InSpec can be used for

hashtagCodify agreements

hashtagAdd context to your tests

hashtagApply to all systems

hashtagGet started in 3 simple steps

hashtagWrite the test

hashtagRun the test

hashtagSee the results

hashtagSelf-learning tutorials

hashtagTest Expectations with Chef InSpecarrow-up-right

hashtagChef Compliance: First Steps with Auditing and Remediationarrow-up-right

hashtagCommunity tutorials

hashtagGetting started with Chef InSpec -- The Chef InSpec basics seriesarrow-up-right

hashtagWindows infrastructure testing using Chef InSpec - Two part seriesarrow-up-right

hashtagOperating Chef InSpec in an air-gapped environmentarrow-up-right

hashtagTesting Ansible with Chef InSpecarrow-up-right

hashtagInSpec highlights from our Blog

hashtagTesting Windows DNS SIGRed Vulnerability with Chef InSpec

hashtagCyber Security for Australian Government, National Critical Infrastructure providers and Enterprise using Chef Compliance

hashtagAutomating MAS Technology Risk Management (TRM) Guidelines using Chef InSpec

hashtagWondering how Chef InSpec might work for your team?