Mirrors/inspec
2
0
Fork 0
mirror of https://github.com/inspec/inspec synced 2024-11-15 01:17:08 +00:00
Code Issues Projects Releases Packages Wiki Activity
inspec/www/source/index.html.slim
hannah-radish 53b80c3706 InSpec SEO (#2725) 
* Alt tags and meta descriptions

* add sitemap support

* Sitemap Priority

Signed-off-by: hannah-radish <hmaddy@chef.io>

* Jerry's feedback

Signed-off-by: Dominik Richter <dominik.richter@gmail.com>
2018-02-21 16:42:55 -08:00

288 lines
14 KiB
Text
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
title: InSpec - Audit and Automated Testing Framework
description: InSpec is an open source (OSS) automated testing tool for integration, compliance, security, and other policy requirements. Easily test your network and systems on-site or on cloud platforms such as AWS, Azure, and Docker Containers.
priority: 1.0
change_frequency: daily
---
/! header
header.bg-gradient.margin-top-offset.short-bg.relative
.row.align.margin-top-sm
.large-7.medium-7.mobile-12.columns.z-20
.margin-both
h1.t-white InSpec is compliance as code
h3.t-white Turn your compliance, security, and other policy requirements into automated tests.
/! buttons
.row.align.columns.margin-top-sm.mobile-row-btn
a.button.btn-lg.btn-purple.shadow-dark.margin-right-xs.mobile-row-btn href="/downloads"
i.fa.fa-cloud-download
span download inspec 2.0
a.button.btn-lg.btn-white-o.shadow-dark.mobile-row-btn href="/tutorials" browse tutorials
a class="github-button" href="https://github.com/chef/inspec" data-size="large" data-show-count="true" aria-label="Star chef/inspec on GitHub" Star
.large-5.medium-5.columns.relative.mobile-hide
/! diamond image
img.diamond src="/images/home/diamond.png" alt="image of diamond"/
img.grid-animate.fit.z-20 src="/images/home/web.svg" onerror="this.src='/images/home/web.png'" alt="image of grid"/
/! announcement
.row.columns
.box-white.shadow.z-20
h3 What's new in InSpec 2.0?
p See into the cloud for continuous compliance everywhere.
.margin-top-sm.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple cloud
p InSpec now supports testing configurations for cloud provider platforms such as AWS or Azure. Test additional components, such as Docker containers and network infrastructure — without adding anything extra.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple coverage
p 30 new resources to get you started writing compliance rules for apps, containers, and system configuration files.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple speed
p Significantly faster, with 90% performance gains on Windows and 30% gains on Linux.
#expand
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple Integration
p Chef Automate can be used as a source for compliance profiles and to store InSpec reports for compliance and security audits. InSpec results can be exported in JUnit format for integration into CI/CD tools like Jenkins.
.margin-top-xs.brdr-left.large-11.medium-11
.margin-left-sm.slide-left
h4.t-purple Ease
p Its now easier to write and debug custom resources you create using InSpec Shell.
.margin-top-xs
a#expandBtn Show all new features
/! canvas elements
#particles-js.particles
canvas.particles-js-canvas-el /
/! Get started
.margin-both
.row.relative
.columns
hr
small.t-gray How InSpec works
h2.txt-margin Get started with InSpec in 3 simple steps
hr
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs.mobile-hide href="/demo" try the inspec demo
.large-5.medium-5.columns.blue-grid.mobile-hide
img.grid-animate.fit src="/images/community/blue-web.svg" onerror="this.src='/images/community/blue-web.png'" alt="image of grid"
.margin-top-sm
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 1
.block.margin-left-sm
h4.t-purple write the test
p Create simple Ruby-based tests to verify your expected state against the current state of your systems.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-10
code control 'example-1.0' do
code impact 0.9
code title 'Ensure login disabled'
code desc 'An optional description...'
code describe sshd_config do
code its('PermitRootLogin') {
code should_not cmp 'yes'
code }
code end
code end
.margin-top-xs
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 2
.block.margin-left-sm
h4.t-purple run the test
p Execute your test against your target system locally or remotely with one simple command.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.tip.shadow
pre
code $ inspec exec linux-baseline
.margin-top-xs
.row.align.mobile-row
.large-6.medium-6.mobile-12.columns
.flex.align
.num-container
h3.t-purple 3
.block.margin-left-sm
h4.t-purple See the results
p See which tests failed, passed and skipped and the expected state against the current state of your target system, in one simple output.
.large-6.medium-6.mobile-12.columns
.flex.align.slide-right
.tooltip-triangle
.box-dark.box-scroll.tip.shadow
pre.slide-up-slow.animate-delay-20
code Profile: InSpec Profile (example_profile)
code Version: 0.1.0
code Target: local://
br
code ✔ example-1.0: Ensure root login is disabled via SSH
code ✔ SSHD Configuration PermitRootLogin should not cmp == "yes"
br
code Profile Summary: 1 successful control, 0 control failures, 0 controls skipped
code Test Summary: 1 successful, 0 failures, 0 skipped
/! how it works
.row.relative.margin-under-sm
.columns.strict-center
hr.center
small.t-gray Features of InSpec
h2.txt-margin InSpec is compliance by design
hr.center
.row.strict-center.mobile-row
.large-6.medium-6.columns.mobile-12.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/platform.svg" onerror="this.src='/images/home/platform.png'" alt="image for InSpec platform support"/
h4.t-purple Platform Agnostic
p
| InSpec supports all major operating systems and is platform agnostic, allowing you the freedom to run compliance and security tests anywhere.
img.icon-logos src="/images/home/platform-logos.svg" onerror="this.src='/images/home/platform-logos.png'" alt="logos for Linux, Windows, Azure, Mac, Ubuntu, Docker container, AWS, VMware"/
.triangle-right
.large-6.medium-6.columns.mobile-12.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/test.svg" onerror="this.src='/images/home/test.png'" alt="image for InSpec remote and local testing"/
h4.t-purple Test locally or remotely
p
| InSpec provides a local agent for host-based assessments, as well as full remote testing support via SSH and WinRM.
img.icon-logos src="/images/home/test-logos.svg" onerror="this.src='/images/home/test-logos.png'" alt="logos for SSH and WinRM" /
.triangle-right
.row.strict-center.mobile-row
.large-6.medium-6.mobile-12.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/run.svg" onerror="this.src='/images/home/run.png'" alt="image for InSpec freedom"/
h4.t-purple Free to run anywhere
p
| InSpec is an open-source language that can easily express compliance as code, with the freedom to run anywhere.
.triangle-right
.large-6.medium-6.mobile-12.columns.margin-under-xs
.box-white.shadow.strict-center.fit-height.relative.slide-up
img.icon-art.margin-under-xs src="/images/home/extensible.svg" onerror="this.src='/images/home/extensible.png'" alt="image for InSpec's extensible language" /
h4.t-purple Extensible language
p
| Easily extend the InSpec language to cover new operating systems, devices, or applications.
.triangle-right
/! use cases
.bg-gradient.margin-top
.pad-both.relative
#particles-second
canvas.particles-js-canvas-el
.slider
.row
.columns.selectors.mobile-hide.z-20
a.button.btn-lg.btn-slider.shadow-dark for Compliance
a.button.btn-lg.btn-slider.shadow-dark for Infrastructure
a.button.btn-lg.btn-slider.shadow-dark for Provisioning
.columns.selectors.slider-selectors.mobile-show.z-20
a.button.btn-lg.btn-slider.shadow-dark Compliance
a.button.btn-lg.btn-slider.shadow-dark Infrastructure
a.button.btn-lg.btn-slider.shadow-dark Provisioning
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Transform your compliance and security requirements into simple code
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Codify agreements
p Combine profiles and customize them with overlays. Pick controls and define exceptions as code.
.block.margin-under-xs
h4.t-purple Add context to your tests
p Utilize many fields like descriptions, tags, and impact.
.block
h4.t-purple Apply to all systems
p Analyze everything using the same codified profiles and controls.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs.mobile-hide href="/demo" try the inspec demo
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code control 'sshd-21' do
code title 'Set SSH Protocol to 2'
code desc 'A detailed description'
code impact 1.0 # This is critical ref 'compliance guide, section 2.1'
code describe sshd_config do
code its('Protocol') { should cmp 2 }
code end
code end
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Solve your infrastructure testing needs simply and efficiently
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Test the desired state
p Verify the current desired state of your apps and infrastructure according to the code you write.
.block.margin-under-xs
h4.t-purple HUMAN-READABLE CODE
p Reduce friction by writing tests that are easy to understand by anyone.
.block
h4.t-purple Extensible
p Create custom resources with ease and share them easily with others.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs.mobile-hide href="/demo" try the inspec demo
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code describe file('/etc/myapp.conf') do
code it { should exist }
code its('mode') { should cmp 0644 }
code end
br
code describe myapp.conf do
code its('port') { should cmp 8080 }
code end
br
code describe port(8080) do
code it { should be_listening }
code end
.view
.row
.large-7.medium-7.mobile-12.columns
h2.t-white.margin-both-sm
| Verify provisioning to cloud providers
.row.mobile-row
.large-6.medium-6.mobile-12.columns.mobile-row
.box-white.shadow-dark.fit-height.z-20
.block.margin-both-xs
h4.t-purple Test AWS and Azure configuration
p Verify all necessary settings of your favorite public cloud providers.
.block.margin-under-xs
h4.t-purple Test provisioners
p InSpec can be used in combination with Cloudformation, Azure resource manager templates and Terraform.
.block
h4.t-purple Verify security configuration
p Ensure that your cloud deployments are not open to malicious attacks due to misconfiguration.
a.button.btn-lg.btn-purple.shadow-dark.margin-top-xs.mobile-hide href="/demo" try the inspec demo
.large-6.medium-6.mobile-12.columns
.box-dark.shadow-dark.fit-height.z-20
pre.t-white.align-vertical-50
code describe aws_s3_bucket(bucket_name: 'my_secret_files') do
code it { should exist }
code it { should_not be_public }
code end
br
code describe aws_iam_user(username: 'test_user') do
code it { should have_mfa_enabled }
code it { should_not have_console_password }
code end
.scrollToTop.shadow-dark
img#scrollup src="/images/home/arrow.svg" onerror="this.src='/images/home/arrow.png'" alt="image of scroll to top arrow"
Reference in a new issue View git blame Copy permalink