Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-23 21:23:29 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/www/source/index.html.slim
Miah Johnson dafd91898d
Merge branch 'master' into changeInSpecText
2019-05-08 12:32:04 -07:00

280 lines
13 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: Chef InSpec - Audit and Automated Testing Framework
description: Chef InSpec is an open source (OSS) automated testing tool for integration, compliance, security, and other policy requirements. Easily test your network and systems on-site or on cloud platforms such as AWS, Azure, and Docker Containers.
priority: 1.0
change_frequency: daily
---
/! header
header.bg-gradient.margin-top-offset.short-bg.relative
.row.align.margin-top-sm
.large-7.medium-7.mobile-12.columns.z-20
.margin-both
h1.t-white Chef InSpec is compliance as code
h3.t-white Turn your compliance, security, and other policy requirements into automated tests.
/! buttons
.row.align.columns.margin-top-sm.mobile-row-btn
a.button.btn-lg.btn-purple.shadow-dark.margin-right-xs.mobile-row-btn href="/downloads"
i.fa.fa-cloud-download
span download inspec 4
a.button.btn-lg.btn-white-o.shadow-dark.mobile-row-btn href="/tutorials" browse tutorials
a class="github-button" href="https://github.com/chef/inspec" data-size="large" data-show-count="true" aria-label="Star chef/inspec on GitHub" Star
.large-5.medium-5.columns.relative.mobile-hide
/! diamond image
img.diamond src="/images/home/diamond.png" alt="image of diamond"/
img.grid-animate.fit.z-20 src="/images/home/web.svg" onerror="this.src='/images/home/web.png'" alt="image of grid"/
/! announcement
.row.columns
.box-white.shadow.z-20.slide-left
h3.large-11.medium-11 Announcing InSpec 4
p.large-11.medium-11 Inputs system overhaul, updated AWS-SDK to v3, support for the new Chef License, and many bugfixes and minor features
#expand
.margin-top-sm.brdr-left.large-11.medium-11
.margin-left-sm
h4.t-purple core
p Inputs system overhaul - more consistent, extensible, and predictable
p Updated AWS-SDK to v3
p Laying the foundation for opt-in telemetry
p Support for the new Chef License
p Add support for more_permissive_than? on the File resource
p Many other minor bugfixes!
.margin-top-sm.brdr-left.large-11.medium-11
.margin-left-sm
h4.t-purple inspec-bin
p Moved the `inspec` executable to a separate gem, `inspec-bin`. This allows the use of the `inspec` gem as a library without the licensing restrictions placed on the executable.
p This release is the first to require accepting a license before using it as an executable.
.margin-top-xs
a#expandBtn Show all new features
/! canvas elements
#particles-js.particles
canvas.particles-js-canvas-el /
/! Get started
.margin-both
.row.relative
.columns
hr
small.t-gray How Chef InSpec works
h2.txt-margin Get started with Chef InSpec in 3 simple steps
hr
.large-5.medium-5.columns.blue-grid.mobile-hide
img.grid-animate.fit src="/images/community/blue-web.svg" onerror="this.src='/images/community/blue-web.png'" alt="image of grid"
.margin-top-sm
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 1
.block.margin-left-sm
h4.t-purple write the test
p Create simple Ruby-based tests to verify your expected state against the current state of your systems.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-10
code control 'example-1.0' do
code impact 0.9
code title 'Ensure login disabled'
code desc 'An optional description...'
code describe sshd_config do
code its('PermitRootLogin') {
code should_not cmp 'yes'
code }
code end
code end
.margin-top-xs
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 2
.block.margin-left-sm
h4.t-purple run the test
p Execute your test against your target system locally or remotely with one simple command.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.tip.shadow
pre
code $ inspec exec linux-baseline
.margin-top-xs
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 3
.block.margin-left-sm
h4.t-purple See the results
p See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-20
code Profile: Chef InSpec Profile (example_profile)
code Version: 0.1.0
code Target: local://
br
code ✔ example-1.0: Ensure root login is disabled via SSH
code ✔ SSHD Configuration PermitRootLogin should not cmp == "yes"
br
code Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
code Test Summary: 1 successful, 0 failures, 0 skipped
/! how it works
.row.relative.margin-under-sm
.columns.strict-center
hr.center
small.t-gray Features of Chef InSpec
h2.txt-margin Chef InSpec is compliance by design
hr.center
.row.strict-center.mobile-row
.large-6.medium-6.columns.mobile-12.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/platform.svg" onerror="this.src='/images/home/platform.png'" alt="image for Chef InSpec platform support"/
h4.t-purple Platform Agnostic
p
| Chef InSpec supports all major operating systems and is platform agnostic, allowing you the freedom to run compliance and security tests anywhere.
a title="Linux, Windows/Azure, Mac, Ubuntu, Docker, AWS, VMware, RedHat"
img.icon-logos src="/images/home/platform-logos.svg" onerror="this.src='/images/home/platform-logos.png'" alt="logos for Linux, Windows/Azure, Mac, Ubuntu, Docker container, AWS, VMware"/
.triangle-right
.large-6.medium-6.columns.mobile-12.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/test.svg" onerror="this.src='/images/home/test.png'" alt="image for Chef InSpec remote and local testing"/
h4.t-purple Test locally or remotely
p
| Chef InSpec provides a local agent for host-based assessments, as well as full remote testing support via SSH and WinRM.
a title="SSH, WinRM"
img.icon-logos src="/images/home/test-logos.svg" onerror="this.src='/images/home/test-logos.png'" alt="logos for SSH and WinRM" /
.triangle-right
.row.strict-center.mobile-row
.large-6.medium-6.mobile-12.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/run.svg" onerror="this.src='/images/home/run.png'" alt="image for Chef InSpec freedom"/
h4.t-purple Free to run anywhere
p
| Chef InSpec is an open-source language that can easily express compliance as code, with the freedom to run anywhere.
.triangle-right
.large-6.medium-6.mobile-12.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/extensible.svg" onerror="this.src='/images/home/extensible.png'" alt="image for Chef InSpec's extensible language" /
h4.t-purple Extensible language
p
| Easily extend the Chef InSpec language to cover new operating systems, devices, or applications.
.triangle-right
/! use cases
.bg-gradient.margin-top
.pad-both.relative
#particles-second
canvas.particles-js-canvas-el
.slider
.row
.columns.selectors.mobile-hide.z-20
a.button.btn-lg.btn-slider.shadow-dark for Compliance
a.button.btn-lg.btn-slider.shadow-dark for Infrastructure
a.button.btn-lg.btn-slider.shadow-dark for Provisioning
.columns.selectors.slider-selectors.mobile-show.z-20
a.button.btn-lg.btn-slider.shadow-dark Compliance
a.button.btn-lg.btn-slider.shadow-dark Infrastructure
a.button.btn-lg.btn-slider.shadow-dark Provisioning
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Transform your compliance and security requirements into simple code
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Codify agreements
p Combine profiles and customize them with overlays. Pick controls and define exceptions as code.
.block.margin-under-xs
h4.t-purple Add context to your tests
p Utilize many fields like descriptions, tags, and impact.
.block
h4.t-purple Apply to all systems
p Analyze everything using the same codified profiles and controls.
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code control 'sshd-21' do
code title 'Set SSH Protocol to 2'
code desc 'A detailed description'
code impact 1.0 # This is critical ref 'compliance guide, section 2.1'
code describe sshd_config do
code its('Protocol') { should cmp 2 }
code end
code end
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Solve your infrastructure testing needs simply and efficiently
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Test the desired state
p Verify the current desired state of your apps and infrastructure according to the code you write.
.block.margin-under-xs
h4.t-purple HUMAN-READABLE CODE
p Reduce friction by writing tests that are easy to understand by anyone.
.block
h4.t-purple Extensible
p Create custom resources with ease and share them easily with others.
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code describe file('/etc/myapp.conf') do
code it { should exist }
code its('mode') { should cmp 0644 }
code end
br
code describe apache_conf do
code its('Listen') { should cmp 8080 }
code end
br
code describe port(8080) do
code it { should be_listening }
code end
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Verify provisioning to cloud providers
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Test AWS and Azure configuration
p Verify all necessary settings of your favorite public cloud providers.
.block.margin-under-xs
h4.t-purple Test provisioners
p Chef InSpec can be used in combination with Cloudformation, Azure resource manager templates and Terraform.
.block
h4.t-purple Verify security configuration
p Ensure that your cloud deployments are not open to malicious attacks due to misconfiguration.
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code describe aws_s3_bucket(bucket_name: 'my_secret_files') do
code it { should exist }
code it { should_not be_public }
code end
br
code describe aws_iam_user(username: 'test_user') do
code it { should have_mfa_enabled }
code it { should_not have_console_password }
code end
.scrollToTop.shadow-dark
img#scrollup src="/images/home/arrow.svg" onerror="this.src='/images/home/arrow.png'" alt="image of scroll to top arrow"
Reference in a new issue View git blame Copy permalink