Extending the power of DevSecOps to cloud-native assets, Progress has released its Progress Chef Cloud Security solution. It would enable end-to-end management of all on-premises, cloud, and native cloud resources.
This new service is accompanied by new Chef features aimed at achieving DevOps success in the most demanding and complicated enterprise installations.
“Worldwide cloud spending will surpass 1.3 trillion by 2025; as businesses pivot to a digital-first economy, cloud will continue to play an even greater, and even dominant, role as the IT industry focuses on delivering greater efficiency, flexibility and faster innovation,” said Jim Mercer, Research Director, DevOps & DevSecOps, IDC. “Chef’s product development priorities are focused on improving security and compliance outcomes for customers, creating a unified DevOps approach for application assets, and making the Chef portfolio easier to adopt and use.”
Chef is being used to help enterprises manage DevOps, which is complicated by new technologies, various deployment environments, and never-ending business application requirements. Organizations can use Progress Chef Cloud Security to expand their established, trusted DevOps strategy to manage any mix of public, private, and hybrid cloud workloads.
To sum up, this new offering would bring the following advantages:
- Allows current skillsets to manage compliance and security posture for cloud native technologies like as Containers, Kubernetes, and microservices without the need for time-consuming and costly training, enabling the broadest possible DevOps coverage across whole fleets of assets.
- Supports native-cloud assets for multi-cloud deployment across AWS, Azure, Google, and Alibaba clouds by scanning and automatically detecting security configuration concerns using certified CIS/DISA STIG profiles.
- With the help of coded artifacts, automated tests, and enterprise control and visibility, it would be simple to move security checks to the left and apply policy checks at every level of the DevOps pipeline.
- It would bolster success with the right mix of training, community and DevRel assistance, technical support as well as cloud aligned pricing and licensing.
Achieving Compliance Success
Progress continues to invest in Progress Chef InSpec, the basic underlying security and compliance mechanism, to complement the new Chef Cloud Security offering:
- New Data Source and Host Support – Organizations aim to leverage their existing DevOps techniques to manage new assets when new technologies are deployed. Data protection for SAP ASE, IBM DB2, Mongo, Cassandra, Oracle, and MS SQL has been enhanced, as well as host CIS coverage for new RHEL, CentOS, Ubuntu Linux distributions, and Mac OS Monterey.
- Cloud Protection and Scale – Many firms are forced to grapple with various public clouds when they migrate to the cloud. With customized pre-built service and resource templates for 100+ cloud resources, Progress has enhanced CIS benchmark profile coverage for AWS, Azure, and GCP, minimizing security installation work while simultaneously delivering best-in-class scale and performance.
- Ease of Use – Progress continues to invest in facilitating DevOps practitioner success in the quest to accelerate DevOps journeys. Automated production of code, test, and documentation artifacts for new resources, increased visibility into the status and estimated completion time for compliance scans, and expanded Shell command support for control and testing without file output are now available to DevOps workers.
Extending ‘Infrastructure as Code’ to ‘Policy as Code’
Chef has used the same concepts to provide a ‘policy as code’ for security and compliance, as a long-time proponent of collaboration-based ‘infrastructure as code.’ Chef now enables enterprises to use a single ‘as cod’ approach for infrastructure, application, desktop, security, and compliance issues across their full on-premise, cloud, and edge device inventory.
The Progress Chef Enterprise Automation Stack (EAS) now offers the whole range of Chef capabilities, which is intended for scalability to satisfy the needs of the world’s largest multinational companies. It now includes these new features:
- Combining Configuration and Compliance Processing – Using a single consolidated policy definition, Chef now allows DevOps workloads to seamlessly combine infrastructure configuration processing with compliance assessments. This new feature would streamline the process of implementing and running compliance audits by providing a single management and visibility layer that can handle end-to-end processing of configuration updates, state validation and enforcement, data aggregation and integration for analysis, and action triggers using ServiceNow, Splunk, ELK, and other tools.
- Chef ‘High Availability’ (HA) – Chef solutions are used by companies in a variety of sectors to maintain high uptime and resilience of their essential systems. Chef now comes with a built-in HA architecture for increased scalability, resilience, and recovery of important systems. It comes with enterprise-grade capabilities that match the flexible expectations of underlying infrastructure growth and security compliance out of the box.
“Over the past several years, Chef – now under the leadership of Progress – has placed significant focus on building out security and compliance capabilities to make the DevSecOps concept achievable for our customers,” said Sundar Subramanian, Executive Vice President & General Manager DevSecOps at Progress. “Through a policy-as-code approach, we are extremely excited to see what our customers will accomplish as they aspire to end-to-end DevOps.”