SlideShare a Scribd company logo

Automate Everything with One Unified Platform

Larry Eichenbaum
Larry Eichenbaum

Learn about how the Chef Automate platform helps enable security, audit, and compliance staff to become engaged in DevOps activities early on by performing infrastructure compliance validation as part of the initial development cycles.

Technology
1 of 26
Download to read offline
Automation for Everything you Manage... ...in one unified platform Larry Eichenbaum Solutions Architect — Fed/Gov larryebaum@chef.io @larryebaum
77% Digital transformation is taking over IT Disrupt or be disrupted. Outperform the competition with digital transformation. Shipping apps and experiences quickly is key to business growth Idea Ship PROBLEM Information Security teams aren’t set up to act rapidly ▪ 71% of IT orgs adopt DevOps1 ▪ DevOps teams work fast ▪ Continuous delivery of change ▪ Slow response from InfoSec ▪ Vulnerabilities and risk PERCEPTION 1—Rightscale, State of the Cloud 2017 2—Gartner, How to Seamlessly Integrate Security Into DevOps (2016) REQUIREMENT Among IT professionals, 81% believe InfoSec policies inhibit agility and speed.2 Information Security professionals agree that their policies inhibit agility and speed.2 81%
The current state of Information Security The continuous demand to increase speed potentially amplifies existing issues Despite velocity gains by other teams, InfoSec lags behind 99% of vulnerabilities exploited will be known to InfoSec for one year or more.1 Since 2014, more than 88% of exploits observed use only nine known vulnerabilities Source: Verizon Data Breach Report 2017 Source: Chef Survey 2017 And after a compliance violation or security vulnerability is discovered: 1 in 2 teams need days or longer to remediate, 1 in 4 need weeks or months 30% need days 28% need weeks or months
Bridging the gap Most InfoSec tools aren’t built for automation & speed InfoSec tools are too far removed from typical developer workflows High-velocity teams use code-driven tools with fast feedback loops
Compliance as Code ROLE OF THE COMPLIANCE OFFICERACCELERATED CYCLE INFRASTRUCTURE AS CODE POLICY AS CODE PRACTICE AS CODE Separate certification & testing Common language for describing & applying policy Compliance at velocity Compliance at VelocityManual Compliance Reactive engagement Proactive engagement Checking implementations by hand Expressing policy as testable code Short term compliance Long term process improvement One language, One workflow
InSpec - Bridging the gap Each team uses separate approach SECURITY DEVOPS COMPLIANCE Unified approach SECURITY DEVOPS COMPLIANCE
The Old Way People working directly on machines Bridging the gap - Security meets Operations The Modern Way People automating machines using code DEVOPS SECURITY DEVOPS COMPLIANCE The New Way Shared tooling across organizations
Continuous Compliance Real-time and historical compliance results Detect which systems are unpatched, vulnerable, or out of compliance Generate weighted reports, allowing you to prioritize and remediate failures.
Continuous Compliance
Continuous Compliance View your Compliance status broken down node-by-node…
Continuous Compliance … as well as profile-by-profile
Continuous Compliance See which controls are failing across your nodes…
Continuous Compliance …or on each managed node individually
Continuous Compliance …or on each managed node individually
Continuous Compliance …or on each managed node individually
Continuous Compliance Dig into failure details on any control…
Continuous Compliance …and even view source code and framework references
InSpec Profile Store Chef Automate comes pre-loaded with a library of Compliance Profiles. Out-of-the-box ability to evaluate software patching, security baselines, and industry-standard benchmarks like CIS and DISA STIG. Upload homegrown InSpec profiles based on your organizational standards via the same interface.
Continuous Compliance Validate your AWS environment alongside your instances
Operational Insights With Chef Automate, you always know exactly when changes are applied to your estate and what was changed. Keep track of every system you mange in one place, filterable by environment, platform, and much more! Each time Chef configures a node, Chef Automate tells you what changed, what didn't, and whether any tasks failed.
Operational Insights
Integrated with Open Source Chef Infrastructure Automation Application Automation Compliance Automation
Chef ▪ Manages deployment and on-going automation ▪ Define reusable resources and infrastructure state as code ▪ Scale elegantly from one to tens of thousands of managed nodes across multiple complex environments ▪ Community, Certified Partner, and Chef supported content available for all common automation tasks Infrastructure automation and delivery at scale windows_feature ‘IIS-WebServerRole’ do action :install end windows_feature ‘IIS-ASPNET’ do action :install end iis_pool FooBarPool do runtime_version “4.0” action :add end package "apache" do action :install end template “/etc/httpd/https.conf” do source “httpd.conf.erb” mode 0075 owner “root” group “root” end service “apache2” do action :start done
Chef: Leader in the DevOps Market ” Leading change in a large and profitable enterprise is challenging for a number of reasons. Chef helps make change work at Target.
Learn more about Chef Automate https://www.chef.io/solutions/government/ https://learn.chef.io
Thanks... Larry Eichenbaum Solutions Architect — Fed/Gov larryebaum@chef.io @larryebaum

Recommended

DevOps
DevOpsDevOps
DevOpsJeremiah Tillman
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOpsMoataz Mahmoud
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Sebastian Taphanel CISSP-ISSEP
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAaronLieberman5
 

Recommended

DevOps
DevOpsDevOps
DevOpsJeremiah Tillman
 
Observability in highly distributed systems
Observability in highly distributed systemsObservability in highly distributed systems
Observability in highly distributed systemsDevOps Indonesia
 
Testing in the new age of DevOps
Testing in the new age of DevOpsTesting in the new age of DevOps
Testing in the new age of DevOpsMoataz Mahmoud
 
Keynote: Puppet camp compliance
Keynote: Puppet camp complianceKeynote: Puppet camp compliance
Keynote: Puppet camp compliancePuppet
 
DevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsDevSecOps: Putting the Sec into the DevOps
DevSecOps: Putting the Sec into the DevOpsshira koper
 
KGI compliance as-code approach
KGI compliance as-code approachKGI compliance as-code approach
KGI compliance as-code approachPuppet
 
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Developing a Rugged Dev Ops Approach to Cloud Security (Updated)
Developing a Rugged Dev Ops Approach to Cloud Security (Updated)Sebastian Taphanel CISSP-ISSEP
 
API Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAPI Security - Everything You Need to Know To Protect Your APIs
API Security - Everything You Need to Know To Protect Your APIsAaronLieberman5
 
DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)Qualitest
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsDevOps.com
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecopsVeritis Group, Inc
 
Enterprise DevOps
Enterprise DevOpsEnterprise DevOps
Enterprise DevOpsMicrosoft Visual Studio
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategiespenetration Tester
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
Introduction to Cobalt
Introduction to CobaltIntroduction to Cobalt
Introduction to CobaltCobalt
 
Embracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsEmbracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsTom Cappetta
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentAlgoSec
 
Devops
DevopsDevops
Devopspenetration Tester
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
 
DSOMM
DSOMMDSOMM
DSOMMpenetration Tester
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps JourneyVeracode
 
Operationalize all the network things
Operationalize all the network thingsOperationalize all the network things
Operationalize all the network thingsLori MacVittie
 
Dev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference MelbourneDev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference MelbourneMirco Hering
 
Chefdevseccon2015
Chefdevseccon2015Chefdevseccon2015
Chefdevseccon2015sc0ttruss
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Enterprise Security APIs
Enterprise Security APIsEnterprise Security APIs
Enterprise Security APIsAdam Migus
 
SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)Hussain Mansoor
 
Managing Complexity at Velocity
Managing Complexity at VelocityManaging Complexity at Velocity
Managing Complexity at VelocityMatt Ray
 
Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Chef
 

More Related Content

What's hot

DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)Qualitest
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsDevOps.com
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecopsVeritis Group, Inc
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Enov8
 
Introduction to Cobalt
Introduction to CobaltIntroduction to Cobalt
Introduction to CobaltCobalt
 
Embracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsEmbracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsTom Cappetta
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentAlgoSec
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesAaronLieberman5
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps JourneyVeracode
 
Operationalize all the network things
Operationalize all the network thingsOperationalize all the network things
Operationalize all the network thingsLori MacVittie
 
Dev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference MelbourneDev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference MelbourneMirco Hering
 
Chefdevseccon2015
Chefdevseccon2015Chefdevseccon2015
Chefdevseccon2015sc0ttruss
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityEficode
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE
 
Enterprise Security APIs
Enterprise Security APIsEnterprise Security APIs
Enterprise Security APIsAdam Migus
 
SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)Hussain Mansoor
 

What's hot (20)

DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)DevSecOps - It can change your life (cycle)
DevSecOps - It can change your life (cycle)
 
Monitoring at the Speed of DevOps
Monitoring at the Speed of DevOpsMonitoring at the Speed of DevOps
Monitoring at the Speed of DevOps
 
A journey from dev ops to devsecops
A journey from dev ops to devsecopsA journey from dev ops to devsecops
A journey from dev ops to devsecops
 
Enterprise DevOps
Enterprise DevOpsEnterprise DevOps
Enterprise DevOps
 
Deployment Strategies
Deployment StrategiesDeployment Strategies
Deployment Strategies
 
Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?Why You Should Implement DevSecOps Approach?
Why You Should Implement DevSecOps Approach?
 
Introduction to Cobalt
Introduction to CobaltIntroduction to Cobalt
Introduction to Cobalt
 
Embracing the Rise of SecDevOps
Embracing the Rise of SecDevOpsEmbracing the Rise of SecDevOps
Embracing the Rise of SecDevOps
 
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud EnvironmentManaging Effective Security Policies Across Hybrid and Multi-Cloud Environment
Managing Effective Security Policies Across Hybrid and Multi-Cloud Environment
 
Devops
DevopsDevops
Devops
 
Deep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed MicroservicesDeep Visibility: Logging From Distributed Microservices
Deep Visibility: Logging From Distributed Microservices
 
DSOMM
DSOMMDSOMM
DSOMM
 
A Secure DevOps Journey
A Secure DevOps JourneyA Secure DevOps Journey
A Secure DevOps Journey
 
Operationalize all the network things
Operationalize all the network thingsOperationalize all the network things
Operationalize all the network things
 
Dev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference MelbourneDev ops in agile - 1st Conference Melbourne
Dev ops in agile - 1st Conference Melbourne
 
Chefdevseccon2015
Chefdevseccon2015Chefdevseccon2015
Chefdevseccon2015
 
Why Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and ObservabilityWhy Serverless is scary without DevSecOps and Observability
Why Serverless is scary without DevSecOps and Observability
 
PIACERE - DevSecOps Automated
PIACERE - DevSecOps AutomatedPIACERE - DevSecOps Automated
PIACERE - DevSecOps Automated
 
Enterprise Security APIs
Enterprise Security APIsEnterprise Security APIs
Enterprise Security APIs
 
SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)SRE 101 (Site Reliability Engineering)
SRE 101 (Site Reliability Engineering)
 

Similar to Automate Everything with One Unified Platform

Managing Complexity at Velocity
Managing Complexity at VelocityManaging Complexity at Velocity
Managing Complexity at VelocityMatt Ray
 
Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Chef
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefTrevor Hess
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 
Top DevOps Best Practices for a Successful Transition in 2023
Top DevOps Best Practices for a Successful Transition in 2023Top DevOps Best Practices for a Successful Transition in 2023
Top DevOps Best Practices for a Successful Transition in 2023SofiaCarter4
 
All About Intelligent Orchestration :The Future of DevSecOps.pdf
All About Intelligent Orchestration :The Future of DevSecOps.pdfAll About Intelligent Orchestration :The Future of DevSecOps.pdf
All About Intelligent Orchestration :The Future of DevSecOps.pdfEnov8
 
How to implement DevOps for Enterprise
How to implement DevOps for EnterpriseHow to implement DevOps for Enterprise
How to implement DevOps for EnterpriseSimform
 
OpsWorks for Chef Automate - Auckland AWS
OpsWorks for Chef Automate - Auckland AWS OpsWorks for Chef Automate - Auckland AWS
OpsWorks for Chef Automate - Auckland AWS Matt Ray
 
DevOps: What is the Right Speed?
DevOps: What is the Right Speed?DevOps: What is the Right Speed?
DevOps: What is the Right Speed?Gunnar Menzel
 
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...Amazon Web Services
 
DevOps culture, concepte , philosophie and practices
DevOps culture, concepte , philosophie and practicesDevOps culture, concepte , philosophie and practices
DevOps culture, concepte , philosophie and practicesayoubbahaddouayoub
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps SecRubal Jain
 
How to build successful blocks of DevOps
How to build successful blocks of DevOpsHow to build successful blocks of DevOps
How to build successful blocks of DevOpsCygnet Infotech
 
How to build successful blocks of DevOps
How to build successful blocks of DevOpsHow to build successful blocks of DevOps
How to build successful blocks of DevOpsCygnet Infotech
 
Compliance Automation: detect & correct
Compliance Automation: detect & correctCompliance Automation: detect & correct
Compliance Automation: detect & correctKangaroot
 
The journey to Continuous Automation - Chef Automate
The journey to Continuous Automation - Chef AutomateThe journey to Continuous Automation - Chef Automate
The journey to Continuous Automation - Chef AutomateKangaroot
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowAmien Harisen Rosyandino
 
IBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareIBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareRemain Software
 

Similar to Automate Everything with One Unified Platform (20)

Managing Complexity at Velocity
Managing Complexity at VelocityManaging Complexity at Velocity
Managing Complexity at Velocity
 
Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1Compliance Automation with Inspec Part 1
Compliance Automation with Inspec Part 1
 
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by ChefSoCal DevOps Meetup 1/26/2017 - Habitat by Chef
SoCal DevOps Meetup 1/26/2017 - Habitat by Chef
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks
 
Top DevOps Best Practices for a Successful Transition in 2023
Top DevOps Best Practices for a Successful Transition in 2023Top DevOps Best Practices for a Successful Transition in 2023
Top DevOps Best Practices for a Successful Transition in 2023
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
All About Intelligent Orchestration :The Future of DevSecOps.pdf
All About Intelligent Orchestration :The Future of DevSecOps.pdfAll About Intelligent Orchestration :The Future of DevSecOps.pdf
All About Intelligent Orchestration :The Future of DevSecOps.pdf
 
How to implement DevOps for Enterprise
How to implement DevOps for EnterpriseHow to implement DevOps for Enterprise
How to implement DevOps for Enterprise
 
OpsWorks for Chef Automate - Auckland AWS
OpsWorks for Chef Automate - Auckland AWS OpsWorks for Chef Automate - Auckland AWS
OpsWorks for Chef Automate - Auckland AWS
 
DevOps: What is the Right Speed?
DevOps: What is the Right Speed?DevOps: What is the Right Speed?
DevOps: What is the Right Speed?
 
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...
DevOps at Scale: How Datadog is using AWS and PagerDuty to Keep Pace with Gr...
 
DevOps culture, concepte , philosophie and practices
DevOps culture, concepte , philosophie and practicesDevOps culture, concepte , philosophie and practices
DevOps culture, concepte , philosophie and practices
 
Introduction to DevOps
Introduction to DevOpsIntroduction to DevOps
Introduction to DevOps
 
DevSecOps | DevOps Sec
DevSecOps | DevOps SecDevSecOps | DevOps Sec
DevSecOps | DevOps Sec
 
How to build successful blocks of DevOps
How to build successful blocks of DevOpsHow to build successful blocks of DevOps
How to build successful blocks of DevOps
 
How to build successful blocks of DevOps
How to build successful blocks of DevOpsHow to build successful blocks of DevOps
How to build successful blocks of DevOps
 
Compliance Automation: detect & correct
Compliance Automation: detect & correctCompliance Automation: detect & correct
Compliance Automation: detect & correct
 
The journey to Continuous Automation - Chef Automate
The journey to Continuous Automation - Chef AutomateThe journey to Continuous Automation - Chef Automate
The journey to Continuous Automation - Chef Automate
 
Pentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrowPentest is yesterday, DevSecOps is tomorrow
Pentest is yesterday, DevSecOps is tomorrow
 
IBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain SoftwareIBM i Application Lifecycle Management with Remain Software
IBM i Application Lifecycle Management with Remain Software
 

Recently uploaded

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsPrecisely
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...Fwdays
 

Recently uploaded (20)

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Pigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food ManufacturingPigging Solutions in Pet Food Manufacturing
Pigging Solutions in Pet Food Manufacturing
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
The transition to renewables in India.pdf
The transition to renewables in India.pdfThe transition to renewables in India.pdf
The transition to renewables in India.pdf
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks..."LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
"LLMs for Python Engineers: Advanced Data Analysis and Semantic Kernel",Oleks...
 

Automate Everything with One Unified Platform

  • 1. Automation for Everything you Manage... ...in one unified platform Larry Eichenbaum Solutions Architect — Fed/Gov larryebaum@chef.io @larryebaum
  • 2. 77% Digital transformation is taking over IT Disrupt or be disrupted. Outperform the competition with digital transformation. Shipping apps and experiences quickly is key to business growth Idea Ship PROBLEM Information Security teams aren’t set up to act rapidly ▪ 71% of IT orgs adopt DevOps1 ▪ DevOps teams work fast ▪ Continuous delivery of change ▪ Slow response from InfoSec ▪ Vulnerabilities and risk PERCEPTION 1—Rightscale, State of the Cloud 2017 2—Gartner, How to Seamlessly Integrate Security Into DevOps (2016) REQUIREMENT Among IT professionals, 81% believe InfoSec policies inhibit agility and speed.2 Information Security professionals agree that their policies inhibit agility and speed.2 81%
  • 3. The current state of Information Security The continuous demand to increase speed potentially amplifies existing issues Despite velocity gains by other teams, InfoSec lags behind 99% of vulnerabilities exploited will be known to InfoSec for one year or more.1 Since 2014, more than 88% of exploits observed use only nine known vulnerabilities Source: Verizon Data Breach Report 2017 Source: Chef Survey 2017 And after a compliance violation or security vulnerability is discovered: 1 in 2 teams need days or longer to remediate, 1 in 4 need weeks or months 30% need days 28% need weeks or months
  • 4. Bridging the gap Most InfoSec tools aren’t built for automation & speed InfoSec tools are too far removed from typical developer workflows High-velocity teams use code-driven tools with fast feedback loops
  • 5. Compliance as Code ROLE OF THE COMPLIANCE OFFICERACCELERATED CYCLE INFRASTRUCTURE AS CODE POLICY AS CODE PRACTICE AS CODE Separate certification & testing Common language for describing & applying policy Compliance at velocity Compliance at VelocityManual Compliance Reactive engagement Proactive engagement Checking implementations by hand Expressing policy as testable code Short term compliance Long term process improvement One language, One workflow
  • 6. InSpec - Bridging the gap Each team uses separate approach SECURITY DEVOPS COMPLIANCE Unified approach SECURITY DEVOPS COMPLIANCE
  • 7. The Old Way People working directly on machines Bridging the gap - Security meets Operations The Modern Way People automating machines using code DEVOPS SECURITY DEVOPS COMPLIANCE The New Way Shared tooling across organizations
  • 8. Continuous Compliance Real-time and historical compliance results Detect which systems are unpatched, vulnerable, or out of compliance Generate weighted reports, allowing you to prioritize and remediate failures.
  • 10. Continuous Compliance View your Compliance status broken down node-by-node…
  • 11. Continuous Compliance … as well as profile-by-profile
  • 12. Continuous Compliance See which controls are failing across your nodes…
  • 13. Continuous Compliance …or on each managed node individually
  • 14. Continuous Compliance …or on each managed node individually
  • 15. Continuous Compliance …or on each managed node individually
  • 16. Continuous Compliance Dig into failure details on any control…
  • 17. Continuous Compliance …and even view source code and framework references
  • 18. InSpec Profile Store Chef Automate comes pre-loaded with a library of Compliance Profiles. Out-of-the-box ability to evaluate software patching, security baselines, and industry-standard benchmarks like CIS and DISA STIG. Upload homegrown InSpec profiles based on your organizational standards via the same interface.
  • 19. Continuous Compliance Validate your AWS environment alongside your instances
  • 20. Operational Insights With Chef Automate, you always know exactly when changes are applied to your estate and what was changed. Keep track of every system you mange in one place, filterable by environment, platform, and much more! Each time Chef configures a node, Chef Automate tells you what changed, what didn't, and whether any tasks failed.
  • 22. Integrated with Open Source Chef Infrastructure Automation Application Automation Compliance Automation
  • 23. Chef ▪ Manages deployment and on-going automation ▪ Define reusable resources and infrastructure state as code ▪ Scale elegantly from one to tens of thousands of managed nodes across multiple complex environments ▪ Community, Certified Partner, and Chef supported content available for all common automation tasks Infrastructure automation and delivery at scale windows_feature ‘IIS-WebServerRole’ do action :install end windows_feature ‘IIS-ASPNET’ do action :install end iis_pool FooBarPool do runtime_version “4.0” action :add end package "apache" do action :install end template “/etc/httpd/https.conf” do source “httpd.conf.erb” mode 0075 owner “root” group “root” end service “apache2” do action :start done
  • 24. Chef: Leader in the DevOps Market ” Leading change in a large and profitable enterprise is challenging for a number of reasons. Chef helps make change work at Target.
  • 25. Learn more about Chef Automate https://www.chef.io/solutions/government/ https://learn.chef.io
  • 26. Thanks... Larry Eichenbaum Solutions Architect — Fed/Gov larryebaum@chef.io @larryebaum