• United States



UK Editor

Progress launches Chef Cloud Security to extend DevSecOps to cloud-native assets

May 11, 20223 mins
Cloud SecurityDevSecOps

The software provider has also enhanced its underlying security and compliance mechanism Chef InSpec with new features.

Infrastructure software provider Progress has announced the launch of Progress Chef Cloud Security to extend DevSecOps with compliance support for native cloud assets, enabling end-to-end management of on premise, cloud, and native cloud resources. In a press release, the company stated that the offering is complemented by new capabilities across the Chef portfolio targeting DevOps success in enterprise deployments to deliver a unified and scalable platform that accelerates the delivery of secure and compliant application releases in mixed computing environments.

Chef Cloud Security extends DevOps to cloud environments

As technology evolves and organizations look to the cloud, there is an increasing need for businesses to apply proven, trusted DevOps approaches to public, private, and hybrid cloud workloads to address cloud-based challenges, Progress said. Chef Cloud Security has therefore been designed to deliver the following benefits:

  • Facilitation of existing skillsets without time consuming and costly training for managing compliance and security posture for cloud-native technologies including containers, Kubernetes, and microservices
  • Support for native-cloud assets for multi-cloud deployment across AWS, Azure, Google, and Alibaba clouds using certified CIS/DISA STIG profiles to scan and automatically detect security configuration issues
  • Coordination of security, development, testing, and operations participation to make it easier to carryout security checks at every stage of the DevOps pipeline with coded artifacts, automated tests and enterprise control, and visibility
  • Support for success with t training, community and DevRel assistance, technical support as well as cloud-aligned pricing and licensing.

“As businesses pivot to a digital-first economy, cloud will continue to play an even greater, and even dominant, role as the IT industry focuses on delivering greater efficiency, flexibility and faster innovation,” commented Jim Mercer, research director, DevOps and DevSecOps, at IDC. “Chef’s product development priorities are focused on improving security and compliance outcomes for customers, creating a unified DevOps approach for application assets, and making the Chef portfolio easier to adopt and use,” he added.

New Chef InSpec features enhance compliance, security

Along with the release of the Chef Cloud Security offering, Progress has also announced new features in its underlying security and compliance mechanism Chef InSpec. The firm said it has expanded data protection to include SAP ASE, IBM DB2, Mongo, Cassandra, Oracle, MS SQL. It also provides host CIS coverage for new RHEL, CentOS, Ubuntu Linux distributions and Mac OS Monterey. Progress has also extended CIS benchmark profile coverage for AWS, Azure, and GCP, with customizable pre-built service and resource templates for more than 100 cloud resources to reduce security implementation effort.

“Over the past several years, Chef – now under the leadership of Progress – has placed significant focus on building out security and compliance capabilities to make the DevSecOps concept achievable for our customers,” said Sundar Subramanian, executive vice president and general manager, DevSecOps, Progress. “Through a policy-as-code approach, we are extremely excited to see what our customers will accomplish as they aspire to end-to-end DevOps.”

Progress is set to debut the latest additions to its portfolio during a live virtual event on May 25.

UK Editor

Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

More from this author