• Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
  • Events
  • Whitepapers
  • Spotlights
  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
  • Newsletters
  • Sign in
  •  
      • Newsletters
      • Account details
      • Contact support
      • Sign out
     
     
    • You are currently accessing Computing via your Enterprise account.

      If you already have an account please use the link below to sign in.

      If you have any problems with your access or would like to request an individual access account please contact our customer service team.

      Phone: +44 (0) 1858 438800

      Email: customerservices@incisivemedia.com

      • Sign in
     
  • Follow us
    • Twitter
    • LinkedIn
    • Newsletters
    • Facebook
    • YouTube
  • Register
  • Events
    • Upcoming events
      event logo
      Deskflix Financial Services

      oin us for this episode of Deskflix to hear from industry experts and peers on their 2020 best practices, what they’ve learnt for 2021 and how they plan to overcome the next wave of disruption.

      • Date: 03 Mar 2021
      event logo
      Good listeners: Why conversational interfaces are now a must-have

      This webinar, featuring dedicated research, will explore how conversational interfaces can add value to your digital initiatives today. We discuss the benefits of putting the AI to work and the value of the conversational channel itself.

      • Date: 17 Mar 2021
      • Virtual Event,
      event logo
      Deskflix IT Leader's Summit

      Six months on from our inaugural IT Leaders’ Festival, Deskflix IT Leaders’ Summit is a chance to take stock and reflect on the first quarter of 2021. How did you overcome the obstacles of 2020? Was progression as expected? What were your biggest threats and biggest growth opportunities?

      • Date: 24 Mar 2021
      event logo
      AI & Machine Learning Awards 2021

      The Computing AI & Machine Learning Awards recognise the best companies, individuals, and projects in the AI space today. The awards cover every corner of the industry: security, ethics, data analysis, innovation and more, as well as showcasing the movers and shakers: the technology heroes and projects that deserve industry-wide praise. The winners will be announced in London on 1 July 2020. Entries are now open!

      • Date: 09 Jun 2021
      • TBC, London
      View all events
  • Whitepapers
    • LATEST WHITEPAPERS
      Darktrace 120x194
      Cyber AI Response: Threat Report 2019

      This white paper details 7 case studies of attacks that were intercepted and neutralised by Darktrace cyber defense AI, including a zero-day trojan in a manufacturing company's network. Learn how Darktrace Antigena AI Response modules fight back autonomously, no matter where a threat may emerge, extending to the Cloud, Email and SaaS.

      Download
      Darktrace 120x194
      Cyber AI & Darktrace Cloud

      This white paper explores how cloud is a security blind spot for many organisations who struggle with the limited visibility and control in this new environment, where their existing security tools are often not applicable.

      Download
      Find whitepapers
      Search by title or subject area
      View all whitepapers
  • Spotlights
    • Spotlights

      Welcome to Computing's Spotlight section, where we focus in on particularly important themes and topics of enterprise IT.

      Intel logo

       

      Endpoint Management and Security Hub

  • IT Leaders 250
  • Research
  • Delta
  • Tech Marketing Hub
  • About Us
Computing
Computing
  • Home
  • News
  • Big Data & Analytics
  • DevOps
  • Security
  • GDPR
  • AI & ML
  • Women in Tech
  • Cloud & Infrastructure
  • CIO
  • Deskflix
 
    • Newsletters
    • Account details
    • Contact support
    • Sign out
 
 
  • You are currently accessing Computing via your Enterprise account.

    If you already have an account please use the link below to sign in.

    If you have any problems with your access or would like to request an individual access account please contact our customer service team.

    Phone: +44 (0) 1858 438800

    Email: customerservices@incisivemedia.com

    • Sign in
 
 

Sponsor content:

What's this?

This content has been provided by our sponsors and is a paid advertisement.
  • DevOps

Turn your compliance, security and other policy requirements into automated tests

Nick Rycar, Technical Product Marketing Manager at Chef explains how InSpec can help with compliance and security concerns in development and operations

  • Nick Rycar
  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
0 Comments

In order to outperform competitors, organizations need to deliver software faster, while ensuring doing so doesn't increase their risks. To accomplish this, it's imperative that security and compliance teams embrace DevOps and drive collaboration through automation.

That's according to Pieter Hagen, Solutions Architect at Chef Software, speaking at Computing's recent DevOps summit in London.

In his talk, How Security and Compliance Teams can be Good Citizens in a DevOps Practice, Pieter articulates how speed and risk are often at odds. As development and operations teams are able to iterate more quickly, security and compliance can become a bottleneck when environments are evaluated late in the release cycle, and often manually. Issues discovered at this stage can be costly to address, and can risk release deadlines. Furthermore, manual processes are difficult to scale, making it difficult to apply validations more frequently or in more environments.

InSpec is a tool that addresses these concerns by allowing compliance requirements to be codified for continuous, automatic evaluation. InSpec code is designed to be easily understood by IT professionals across disciplines, with the flexibility to adapt to ever-changing regulatory requirements and emerging security vulnerabilities.

Because InSpec defines compliance requirements as code, environments can be evaluated consistently at every stage of development. Issues can therefore be discovered earlier, where they can be prioritized and addressed long before a change is promoted to production. The end result of this is a more predictable deployment schedule with fewer delays, and most importantly, greater confidence that security flaws won't find their way into production.

With Chef Automate, organizations have access to a library of pre-written Compliance Profiles that can be run continuously on live environments and validated on-demand in weighted compliance reports. By practicing Continuous Compliance in this fashion, organizations can enter into audits with a complete picture of their systems' security, and maintain visibility even between audits.

Finally, and perhaps most crucially, InSpec provides a single tool that can be used by security, compliance, development and operations alike. By providing a consistent source of truth for what compliance looks like in your organization, InSpec helps drive collaboration between these teams, and allows the entire IT organization to take an active role in ensuring compliance priorities are understood and met.

Nick Rycar is Technical Product Marketing Manager at Chef

  • Tweet  
  • Facebook  
  • LinkedIn  
  • Send to  
  • Topics
  • DevOps
  • DevOps
  • chef
blog comments powered by Disqus
Back to Top
  • Contact
  • Delta
  • Marketing solutions
  • Enterprise IT Events
  • Incisive Media
  • Terms & conditions
  • Policies
  • Careers
  • Twitter
  • LinkedIn
  • Newsletters
  • Facebook
  • YouTube

im_logo

© Incisive Business Media (IP) Limited, Published by Incisive Business Media Limited, New London House, 172 Drury Lane, London WC2B 5QR, registered in England and Wales with company registration numbers 09177174 & 09178013

Digital publisher of the year
Digital publisher of the year 2010, 2013, 2016 & 2017
Loading