Progress has released Progress Chef Cloud Security, which expands DevSecOps with compliance support for native cloud assets and enables end-to-end management of everything on premise, cloud and native cloud resources.
This new offering is complemented by new capabilities across Chef’s portfolio that target DevOps success in the most demanding and complex enterprise deployments. This release builds on Progress’s commitment to deliver a unified and scalable platform that enables businesses to accelerate the delivery of secure and compliant application releases in mixed computing environments.
“Global cloud spending will exceed 1.3 trillion by 2025; as businesses move into a digital-first economy, the cloud will continue to play a larger, and more dominant, role as the IT industry focuses on delivering greater efficiency, flexibility and faster innovation, ”said Jim Mercer, Director of Research, DevOps & DevSecOps, IDC.“ Chef’s product development priorities are focused on improving security and compliance results for customers, creating a unified approach to DevOps for application assets, and making the Chef portfolio easier to use and use. “
Meet the cloud challenge
As technology evolves rapidly and organizations look to the cloud, leading organizations turn to Chef to help manage DevOps, which is complicated by new technologies, diverse deployment landscapes and endless business application requirements. With Chef Cloud Security, organizations can extend their same proven, trusted approach to DevOps to easily manage any combination of public, private and hybrid cloud workloads. The new offer provides the following benefits:
- Enables existing skill sets without consuming time and costly training for compliance management and security posture for cloud native technologies including Containers, Toilets and microservice, ensuring the largest possible coverage of DevOps across the entire fleet of assets.
- Supports native-cloud assets for multi-cloud deployment in the AWS, Azure, Google and Alibaba clouds using certified CIS/DISA STIG profiles to continuously scan and automatically detect security configuration issues.
- Coordinated security, development, testing and operational participation facilitates shifting security checks to the left using policy checks at each stage of the DevOps pipeline with coded artefacts, automated tests and controls and enterprise visibility through strategy as Code.
- Strengthens success with the right combination of training, community assistance and DevRel, technical support as well as cloud aligned pricing and licensing.
Achieving success in compliance
In addition to Chef Cloud Security’s new offering, Progress continues to invest in Progress Chef InSpec, the core underlying security and compliance mechanism:
- New data source and host support: As new technologies are adopted; organizations seek to use their same DevOps skills to manage new assets. Progress has expanded data protection to include SAP ASE, IBM DB2, Mongo, Cassandra, Oracle, MS SQL, plus host CIS coverage for the new RHEL, CentOS, Ubuntu Linux and Mac OS Monterey distributions.
- Cloud protection and size: As organizations turn to the cloud, many of them are forced to compete in multiple public clouds. Progress has expanded the scope of the CIS benchmark profile for AWS, Azure, and GCP, with customizable pre-built services and resource templates for 100+ cloud resources that reduces security implementation effort while also provides the best in class level and performance.
- Ease of use: As we continue our efforts to accelerate DevOps journeys, Progress continues to invest in enabling DevOps practitioner success. DevOps professionals now benefit from automated code generation, testing and documentation artifacts for new resources, improved status visibility and expected completion times for compliance scans, and advanced Shell commands. support for control and testing without file output.
“The chef has proven to be an incredibly useful tool within every organization in which I’ve been involved. It has reduced system configuration time from weeks and days to minutes,” said Brittany Woods, Server Automation Manager, H&R Block. “Furthermore, leveraging Chef’s policy-based approach makes it easier to empower teams that truly own their infrastructure and deliver measurable changes. With the addition of the new Cloud Security offering, Chef is further expanding its value proposition to customers. “
Extending ‘infrastructure as code’ to ‘policy as code’
Having long promoted collaboration -based ‘infrastructure as code’, Chef has applied the same principles to introduce a ‘policy as code’ for security and compliance. Chef is now helping organizations achieve their goal of using a ‘as code’ framework for their infrastructure, applications, desktop, security and compliance concerns across their on -premise, cloud and edge device inventory .
The complete range of Chef capabilities is available as part of the Progress Chef Enterprise Automation Stack (EAS), designed to scale to meet the needs of the largest global business, which now includes these new features:
- Integrates compliance adjustment and processing: Chef now allows DevOps workloads to easily integrate infrastructure configuration processing with compliance audits using an integrated policy definition. This new feature simplifies the workflow between developers, IT Ops and Security professionals who implement and run compliance audits, while providing a single layer of management and visibility — end-to-end capability -end processing of configuration updates, validation and implementation state, data aggregation and integration. for analyzing and triggering action using ServiceNow, Splunk, ELK and more.
- “high availability” (HA) of the chef: Businesses in many industries rely on Chef’s products to ensure high working hours and stability of their critical systems. The chef now supports an HA topology out of the box for increased scalability, resilience and recovery of critical systems. It is available out of the box with enterprise features that meet the flexible scaling and security compliance needs of the underlying infrastructure.
“Over the past few years, Chef — now under the leadership of Progress — has placed a significant focus on building security and compliance capabilities to make the DevSecOps concept achievable for our customers,” he said. by Sundar Subramanian, EVP and GM DevSecOps, Progress. “With the approach-as-code approach, we are very excited to see what our customers can do as they pursue end-to-end DevOps.”