STIG Automation W/ Chef and Inspec

219

Cite

Confreaks, LLC

Ray, John

Formal Metadata

Title

STIG Automation W/ Chef and Inspec

Title of Series

ChefConf 2017

Number of Parts

Author

Ray, John

License

CC Attribution - ShareAlike 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal and non-commercial purpose as long as the work is attributed to the author in the manner specified by the author or licensor and the work or content is shared also in adapted form only under the conditions of this

Identifiers

10.5446/34605 (DOI)

Publisher

Confreaks, LLC

Release Date

2017

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

The DoD's Security Technical Implementation Guides (STIGs) are the baseline for a vast majority of companies, But with 9 different profiles, and hundreds of individual action items how do you even begin? Join me as we look at how to use InSpec to ingest STIG data, how to read and determine what STIGs apply to you, and how to remediate those STIGs with Chef. We will explore the anatomy of a well written InSpec control and some of the more complex Chef and Ruby resources that allow you to successfully implement security hardening. Learn how to edit files in place, search and replace documents, and lessons learned from implementing the RHEL 6 STIG in both on premise and cloud environments.