Ben Bleything provides an introduction to automated infrastructure and compliance testing using the open source InSpec framework and related tooling. You’ll leave with the knowledge and experience necessary to start implementing test suites for your own infrastructure. Learn the basics of InSpec and get hands-on experience writing controls for common cases like baking a golden image and basic integration testing of deployed services.
You’ll work through a scenario where you’ll detect and mitigate a security vulnerability and implement a series of controls to detect and prevent future vulnerabilities. Finally, Ben talks about compliance testing. You’ll implement an InSpec profile that pulls in community profiles for basic OS hardening as well as implements custom controls for policy compliance.
This tutorial is sponsored by Google Cloud.
Ben Bleything is a developer and sysadmin from Seattle, Washington. He’s best known as one of the world’s leading experts in the emerging field of clown computering. In his spare time, Ben is a developer advocate at Google, where he’s focused on making the experience of operating software on Google Cloud as awesome as possible.
Comments on this page are now closed.
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • firstname.lastname@example.org