inspec/www/source/index.html.slim

---
title: Chef InSpec - Audit and Automated Testing Framework
description: Chef InSpec is an open source (OSS) automated testing tool for integration, compliance, security, and other policy requirements. Easily test your network and systems on-site or on cloud platforms such as AWS, Azure, and Docker Containers.
priority: 1.0
change_frequency: daily
---

/! header
header.bg-gradient.margin-top-offset.short-bg.relative
  .row.align.margin-top-sm
    .large-7.medium-7.mobile-12.columns.z-20
      .margin-both
        h1.t-white Chef InSpec is compliance as code
        h3.t-white Turn your compliance, security, and other policy requirements into automated tests.
        /! buttons
        .row.align.columns.margin-top-sm.mobile-row-btn
          a.button.btn-lg.btn-purple.shadow-dark.margin-right-xs.mobile-row-btn href="/downloads"
            i.fa.fa-cloud-download
            span download inspec 4
          a.button.btn-lg.btn-white-o.shadow-dark.mobile-row-btn href="/tutorials" browse tutorials
        a class="github-button" href="https://github.com/chef/inspec" data-size="large" data-show-count="true" aria-label="Star chef/inspec on GitHub" Star

    .large-5.medium-5.columns.relative.mobile-hide
      /! diamond image
      img.diamond src="/images/home/diamond.png" alt="image of diamond"/
      img.grid-animate.fit.z-20 src="/images/home/web.svg" onerror="this.src='/images/home/web.png'" alt="image of grid"/

  /!  canvas elements
  #particles-js.particles
   canvas.particles-js-canvas-el /


/! Get started
.margin-both
  .row.relative
   .columns
     hr
     small.t-gray How Chef InSpec works
     h2.txt-margin Get started with Chef InSpec in 3 simple steps
     hr
   .large-5.medium-5.columns.blue-grid.mobile-hide
     img.grid-animate.fit src="/images/community/blue-web.svg" onerror="this.src='/images/community/blue-web.png'" alt="image of grid"
  .margin-top-sm
    .row.align.mobile-row
      .large-6.medium-6.mobile-12.columns
        .flex.align
          .num-container
            h3.t-purple 1
          .block.margin-left-sm
            h4.t-purple write the test
            p Create simple Ruby-based tests to verify your expected state against the current state of your systems.
      .large-6.medium-6.mobile-12.columns
        .flex.align.slide-right
          .tooltip-triangle
          .box-dark.box-scroll.tip.shadow
           pre.slide-up-slow.animate-delay-10
               code control 'example-1.0' do
               code   impact 0.9
               code   title 'Ensure login disabled'
               code   desc 'An optional description...'
               code   describe sshd_config do
               code     its('PermitRootLogin') {
               code       should_not cmp 'yes'
               code     }
               code   end
               code end
  .margin-top-xs
   .row.align.mobile-row
     .large-6.medium-6.mobile-12.columns
       .flex.align
         .num-container
           h3.t-purple 2
         .block.margin-left-sm
           h4.t-purple run the test
           p Execute your test against your target system locally or remotely with one simple command.
     .large-6.medium-6.mobile-12.columns
       .flex.align.slide-right
         .tooltip-triangle
         .box-dark.tip.shadow
           pre
            code $ inspec exec linux-baseline
  .margin-top-xs
   .row.align.mobile-row
     .large-6.medium-6.mobile-12.columns
       .flex.align
         .num-container
           h3.t-purple 3
         .block.margin-left-sm
           h4.t-purple See the results
           p See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.
     .large-6.medium-6.mobile-12.columns
       .flex.align.slide-right
         .tooltip-triangle
         .box-dark.box-scroll.tip.shadow
           pre.slide-up-slow.animate-delay-20
            code Profile: Chef InSpec Profile (example_profile)
            code Version: 0.1.0
            code Target:  local://
            br
            code   ✔  example-1.0: Ensure root login is disabled via SSH
            code   ✔  SSHD Configuration PermitRootLogin should not cmp == "yes"
            br
            code Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
            code Test Summary: 1 successful, 0 failures, 0 skipped


/! how it works
.row.relative.margin-under-sm
 .columns.strict-center
   hr.center
   small.t-gray Features of Chef InSpec
   h2.txt-margin Chef InSpec is compliance by design
   hr.center

.row.strict-center.mobile-row
  .large-6.medium-6.columns.mobile-12.margin-under-xs
    .box-white.shadow.strict-center.fit-height.relative.slide-up
      img.icon-art.margin-under-xs src="/images/home/platform.svg" onerror="this.src='/images/home/platform.png'" alt="image for Chef InSpec platform support"/
      h4.t-purple Platform Agnostic
      p
        |  Chef InSpec supports all major operating systems and is platform agnostic, allowing you the freedom to run compliance and security tests anywhere.
      a title="Linux, Windows/Azure, Mac, Ubuntu, Docker, AWS, VMware, RedHat"
        img.icon-logos src="/images/home/platform-logos.svg" onerror="this.src='/images/home/platform-logos.png'" alt="logos for Linux, Windows/Azure, Mac, Ubuntu, Docker container, AWS, VMware"/
      .triangle-right
  .large-6.medium-6.columns.mobile-12.margin-under-xs
    .box-white.shadow.strict-center.fit-height.relative.slide-up
      img.icon-art.margin-under-xs src="/images/home/test.svg" onerror="this.src='/images/home/test.png'" alt="image for Chef InSpec remote and local testing"/
      h4.t-purple Test locally or remotely
      p
        |  Chef InSpec provides a local agent for host-based assessments, as well as full remote testing support via SSH and WinRM.
      a title="SSH, WinRM"
        img.icon-logos src="/images/home/test-logos.svg" onerror="this.src='/images/home/test-logos.png'" alt="logos for SSH and WinRM" /
      .triangle-right

.row.strict-center.mobile-row
  .large-6.medium-6.mobile-12.columns.margin-under-xs
    .box-white.shadow.strict-center.fit-height.relative.slide-up
      img.icon-art.margin-under-xs src="/images/home/run.svg" onerror="this.src='/images/home/run.png'" alt="image for Chef InSpec freedom"/
      h4.t-purple Free to run anywhere
      p
        |  Chef InSpec is an open-source language that can easily express compliance as code, with the freedom to run anywhere.
      .triangle-right
  .large-6.medium-6.mobile-12.columns.margin-under-xs
    .box-white.shadow.strict-center.fit-height.relative.slide-up
      img.icon-art.margin-under-xs src="/images/home/extensible.svg" onerror="this.src='/images/home/extensible.png'" alt="image for Chef InSpec's extensible language" /
      h4.t-purple Extensible language
      p
        |  Easily extend the Chef InSpec language to cover new operating systems, devices, or applications.
      .triangle-right


/! use cases

.bg-gradient.margin-top
  .pad-both.relative
    #particles-second
      canvas.particles-js-canvas-el
    .slider
      .row
        .columns.selectors.mobile-hide.z-20
          a.button.btn-lg.btn-slider.shadow-dark for Compliance
          a.button.btn-lg.btn-slider.shadow-dark for Infrastructure
          a.button.btn-lg.btn-slider.shadow-dark for Provisioning
        .columns.selectors.slider-selectors.mobile-show.z-20
          a.button.btn-lg.btn-slider.shadow-dark Compliance
          a.button.btn-lg.btn-slider.shadow-dark Infrastructure
          a.button.btn-lg.btn-slider.shadow-dark Provisioning
      .view
        .row
          .large-7.medium-7.mobile-12.columns
            h2.t-white.margin-both-sm
              | Transform your compliance and security requirements into simple code
        .row.mobile-row
          .large-6.medium-6.mobile-12.columns.mobile-row
            .box-white.shadow-dark.fit-height.z-20
              .block.margin-both-xs
                h4.t-purple Codify agreements
                p Combine profiles and customize them with overlays. Pick controls and define exceptions as code.
              .block.margin-under-xs
                h4.t-purple Add context to your tests
                p Utilize many fields like descriptions, tags, and impact.
              .block
                h4.t-purple Apply to all systems
                p Analyze everything using the same codified profiles and controls.
          .large-6.medium-6.mobile-12.columns
            .box-dark.shadow-dark.fit-height.z-20
              pre.t-white.align-vertical-50
                code control 'sshd-21' do
                code   title 'Set SSH Protocol to 2'
                code   desc 'A detailed description'
                code   impact 1.0 # This is critical ref 'compliance guide, section 2.1'
                code   describe sshd_config do
                code    its('Protocol') { should cmp 2 }
                code   end
                code end
      .view
        .row
          .large-7.medium-7.mobile-12.columns
            h2.t-white.margin-both-sm
              | Solve your infrastructure testing needs simply and efficiently
        .row.mobile-row
          .large-6.medium-6.mobile-12.columns.mobile-row
            .box-white.shadow-dark.fit-height.z-20
              .block.margin-both-xs
                h4.t-purple Test the desired state
                p Verify the current desired state of your apps and infrastructure according to the code you write.
              .block.margin-under-xs
                h4.t-purple HUMAN-READABLE CODE
                p Reduce friction by writing tests that are easy to understand by anyone.
              .block
                h4.t-purple Extensible
                p Create custom resources with ease and share them easily with others.
          .large-6.medium-6.mobile-12.columns
            .box-dark.shadow-dark.fit-height.z-20
              pre.t-white.align-vertical-50
                code describe file('/etc/myapp.conf') do
                code   it { should exist }
                code   its('mode') { should cmp 0644 }
                code end
                br
                code describe apache_conf do
                code   its('Listen') { should cmp 8080 }
                code end
                br
                code describe port(8080) do
                code   it { should be_listening }
                code end
      .view
        .row
          .large-7.medium-7.mobile-12.columns
            h2.t-white.margin-both-sm
              | Verify provisioning to cloud providers
        .row.mobile-row
          .large-6.medium-6.mobile-12.columns.mobile-row
            .box-white.shadow-dark.fit-height.z-20
              .block.margin-both-xs
                h4.t-purple Test AWS and Azure configuration
                p Verify all necessary settings of your favorite public cloud providers.
              .block.margin-under-xs
                h4.t-purple Test provisioners
                p Chef InSpec can be used in combination with Cloudformation, Azure resource manager templates and Terraform.
              .block
                h4.t-purple Verify security configuration
                p Ensure that your cloud deployments are not open to malicious attacks due to misconfiguration.
          .large-6.medium-6.mobile-12.columns
            .box-dark.shadow-dark.fit-height.z-20
              pre.t-white.align-vertical-50
                code describe aws_s3_bucket(bucket_name: 'my_secret_files') do
                code   it { should exist }
                code   it { should_not be_public }
                code end
                br
                code describe aws_iam_user(username: 'test_user') do
                code   it { should have_mfa_enabled }
                code   it { should_not have_console_password }
                code end

.scrollToTop.shadow-dark
  img#scrollup src="/images/home/arrow.svg" onerror="this.src='/images/home/arrow.png'" alt="image of scroll to top arrow"