CI/CD / Cloud Native Ecosystem / Security

Chef Extends Security and Compliance Across Hybrid Cloud

9 Jun 2022 6:02am, by

The launch of Progress’ Chef Cloud Security represents a major Progress security platform release since Progress acquired Chef in 2020. With the Chef platform under the Chef product umbrella, organizations can take advantage of extended DevSecOps capabilities with compliance support across on-premises and multicloud environments. 

“This launch helps to solve cloud misconfigurations and compliance across on-premises and hybrid cloud environments, which fall under the security and compliance categories in the traditional compliance space,” Prashanth Nanjundappa, vice president of product management at Progress, told The New Stack. “And similarly for the container and Kubernetes world, we also help solve specific use cases around container security and this is our first launch to solve that problem. We are helping address the misconfiguration and compliance aspects of cloud in a very comprehensive manner and some aspects of container security, such as securing Docker hosts security and your Kubernetes control plane and image.”

Beyond the Traditional Space

Chef Cloud Security is part of the Chef product push to extend beyond its traditional space of on-premise environments. To that end, Chef Cloud Security is available for leading cloud environments and for certain SAS customers as part of a four-pronged approach, with a focus on security and compliance across these hybrid environments.

“Chef Cloud Security is available across all distribution channels,” Nanjundappa said.

Delivering greater efficiency, flexibility and faster innovation is essential for DevOps teams as worldwide cloud spending surpasses 1.3 trillion by 2025 and “businesses pivot to a digital-first economy and the cloud continues to play an even greater and dominant role,” Jim Mercer, an analyst for IDC, said. 

“Chef’s product development priorities are focused on improving security and compliance outcomes for customers, creating a unified DevOps approach for application assets, and making the Chef portfolio easier to adopt and use,” Mercer said.

The key benefits Chef Cloud Security offers that Progress communicated include: 

  • Enabling existing in-house skill sets while helping to avoid time-consuming and costly training for managing compliance and security posture for cloud-native technologies, including containers, Kubernetes and microservices.
  • Support for cloud assets for multicloud deployment across AWS, Azure, Google and Alibaba clouds using certified CIS/DISA STIG profiles to scan and automatically detect security configuration issues continually.
  • Coordination of security, development, testing and operations participation to facilitate a shift in security checks to the left of CI/CD by applying policy checks at every stage of the DevOps pipeline with coded artifacts, automated tests, enterprise control and visibility via a policy as code (PaaC) approach.

The New Stack is a wholly owned subsidiary of Insight Partners, an investor in the following companies mentioned in this article: Docker.