Ben Bleything provides an introduction to automated infrastructure and compliance testing using the open source InSpec framework and related tooling. You’ll leave with the knowledge and experience necessary to start implementing test suites for your own infrastructure. Learn the basics of InSpec and get hands-on experience writing controls for common cases like baking a golden image and basic integration testing of deployed services.
You’ll work through a scenario where you’ll detect and mitigate a security vulnerability and implement a series of controls to detect and prevent future vulnerabilities. Finally, Ben talks about compliance testing. You’ll implement an InSpec profile that pulls in community profiles for basic OS hardening as well as implements custom controls for policy compliance.
This tutorial is sponsored by Google Cloud.
Ben Bleything is a developer and sysadmin from Seattle, Washington. He’s best known as one of the world’s leading experts in the emerging field of clown computering. In his spare time, Ben is a developer advocate at Google, where he’s focused on making the experience of operating software on Google Cloud as awesome as possible.
Comments on this page are now closed.
For exhibition and sponsorship opportunities, email velocity@oreilly.com
For information on trade opportunities with O'Reilly conferences, email partners@oreilly.com
View a complete list of Velocity contacts
©2019, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • confreg@oreilly.com
Comments
Hello –
I am wondering if this tutorial might be a good fit for me. I am a capacity planner and am interested in testing our infrastructure in a number of ways (on prem & in the cloud).
However, I do not have experience as a linux admin and I have not extensively used command line beyond “back yard” use. I was wondering if this will be over my head?
Thanks very much for your time – I apprediate your input.