2-minute read + video

In government, compliance and security are critical components of our job function. The current state of compliance frameworks are bulky and unwieldy for those inexperienced with OpenSCAP/XML. The Microsoft Azure Government cloud and Chef InSpec are designed to provide a common language for security, compliance, and automation teams to converge around.

Microsoft Azure Government is designed to solve your compliance needs all the way up to the systems you manage. That’s where Chef Automate and InSpec take over for that ”last mile.” Chef Automate and InSpec help you view compliance controls in a human-readable, easily digestible format.

The below example is the DISA STIG RHEL6 Control, pertaining to which protocol version of SSH your system runs. This is just one of hundreds of controls published by DISA for managing RedHat systems. The value of InSpec over traditional testing and compliance frameworks is that InSpec includes all the context we need to understand not only the actual code check itself, but also all of the other information we need to understand why we’re checking for this setting. Chef Automate includes profiles for DISA STIGs and CIS Benchmarks out of the box.

By using these InSpec profiles in conjunction with Microsoft Azure Government, we can simplify and reduce the effort it takes to provide compliance in an environment. Recently, we presented a live webinar on this topic with Microsoft’s Technical Solutions Specialist, Derrick Schwartz, to show how our technologies work together to achieve this goal. You can watch a recording of the webinar below.

Learn More: