Engineering the Future of Software
November 13–14, 2016: Training
November 14–16, 2016: Tutorials & Conference
San Francisco, CA

Compliance-driven infrastructure

Christoph Hartmann (Chef Software), Dominik Richter (Chef Software)
4:50pm–5:40pm Tuesday, 11/15/2016
Location: Grand Ballroom Level: Intermediate

Prerequisite knowledge

  • Familiarity with DevOps concepts

What you'll learn

  • Understand compliance as code and the new workflow that comes with this approach
  • Learn methods to integrate compliance and security into an existing CI/CD pipeline
  • Gain introductory knowledge for the creation of compliance tests and learn how CIS benchmarks are applied to infrastructure


Compliance-driven infrastructure is an approach to developing infrastructure that combines a configuration management framework with test-driven development (TDD) and industry compliance regulations like CIS benchmarks.

DevOps—a game-changing paradigm that enables teams to work in a lean and cost-effective way and focuses on improving the way we implement and deploy IT systems and how we work together—paved the way for a radical shift in infrastructure management. Despite all these advancements, ensuring quality and compliance and meeting industry regulations like PCI, NIST, or HIPAA are still very challenging tasks for high-velocity organizations.

Christoph Hartmann and Dominik Richter explore InSpec and explain how it enables you to easily incorporate compliance and security in your development workflow in order to rapidly ship high-quality and compliant software.

Photo of Christoph Hartmann

Christoph Hartmann

Chef Software

Christoph Hartmann is a cofounder and lead engineer at Chef, where he has spent the last decade building complex software and infrastructure systems. Previously, Christoph was responsible for automation at the innovation laboratory at Deutsche Telekom and created effective solutions managing the future their core networks. He is the cofounder of InSpec, Chef Compliance, and the project.

Photo of Dominik Richter

Dominik Richter

Chef Software

Dominik Richter is a product manager at Chef, an entrepreneur, and a leading expert in both security and automation. Dominik honed his abilities at Deutsche Telekom, where he headed the security of Telekom’s first OpenStack Cloud. He is a cofounder of InSpec, Chef Compliance, and the project.