InSpec is an open source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security, and policy requirements. Using a combination of command-line and remote-execution tools, InSpec can help you keep your infrastructure aligned with security and compliance guidelines on an ongoing basis, rather than waiting for and then remediating from arduous annual audits. InSpec’s flexibility makes it a key tool choice for incorporating security into a complete continuous delivery workflow, reducing the risk of new features and releases breaking established host-based security guidelines.
Mandi Walls covers the basics of working with InSpec, writing tests to reflect your organization’s security guidelines, and managing InSpec as part of a high-velocity workflow.
Mandi Walls is a developer advocate at Chef. Mandi travels the world helping organizations increase their effectiveness using configuration management and modernizing IT practices. Previously, she ran large web properties for AOL, including AOL.com, Games.com, and Moviefone. She’s a regular speaker at technical conferences and is the author of Building a DevOps Culture, published by O’Reilly. Mandi holds a master’s degree in computer science from GWU and an MBA from UNC Kenan-Flagler.
©2016, O’Reilly UK Ltd • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com