chef-os-hardening 3.0.0 is released

DevSec Hardening Framework project is releasing a new major release chef-os-hardening 3.0.0 today. The major points of this release are listed below, many thanks for the contributions and help we received from our users and community! Highlights and breaking changes: Blacklisting of filesystems (PR 169). Important: vfat is included in...


puppet-os-hardening 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release puppet-os-hardening 2.0.0 today. Since this new version is the first release after 2.5 years, the changes are way too much for a short summary. Please checkout the full changelog and README for more details. We are looking forward to get...


cis-docker-benchmark 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release of cis-docker-benchmark today. The major points of this release are listed below, however there are also many changes under the hood like cleanups of documentation and improvements of the InSpec Profile. Many thanks for the contributions and help we received...


CIS Kubernetes and CIS Independent Linux Benchmark

The mission of DevSec Hardening Framework is to provide users with the best content to stay secure across their infrastructure fleet. We started by providing hardening solutions written in Chef cookbooks, Puppet modules as well as Ansible modules. Beginning of this year, we started to transform our testing suite into...


chef-windows-hardening 0.9.0 is released

DevSec Hardening Framework project is releasing a new minor release chef-windows-hardening today. The release introduces the, always, disabling of SMB1 protocol on Windows operating systems. Note: This resource was introduced in the wake of the WannaCrypt/WannaCry ransomware worm which exploits a known vulnerability in the SMBv1 protocol Highlights and breaking...