chef-windows-hardening 0.9.0 is released

DevSec Hardening Framework project is releasing a new minor release chef-windows-hardening today. The release introduces the, always, disabling of SMB1 protocol on Windows operating systems. Note: This resource was introduced in the wake of the WannaCrypt/WannaCry ransomware worm which exploits a known vulnerability in the SMBv1 protocol Highlights and breaking...


New Ansible os-, ssh- and mysql-hardening releases

Hey friends, We released new versions of ansible-os-hardening, ansible-ssh-hardening and ansible-mysql-hardening! These releases are important to us in multiple ways: As always, they provide new features and configuration possibilities for you to use! More on that below. Complete tests in TravisCI Furthermore we now leverage the full possibilities of TravisCI...


Chef Software is contributing OpenStack Baseline

I am happy to announce that the Chef Partners Team contributed a new OpenStack Baseline to our DevSec project. This Baseline is implementing the OpenStack Security Guide in InSpec. JJ Asghar will continue to be a core maintainer. The baseline is already covering a wide range of checks for: block-storage...


chef-os-hardening 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release chef-os-hardening 2.0.0 today. The major points of this release are listed below, however there are also many changes under the hood like cleanups of documentation, improvements of the cookbook testing. Many thanks for the contributions and help we received from...


chef-ssh-hardening 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release chef-ssh-hardening 2.0.0 today. Highlights and breaking changes: On the modern chef versions (>= 12.10) autodiscovery of openssh version is used in the decision logic of crypto parameters New attribute namespace ['ssh-hardening'] for the entire cookbook Split of attributes to the...