New Ansible os-, ssh- and mysql-hardening releases

Hey friends, We released new versions of ansible-os-hardening, ansible-ssh-hardening and ansible-mysql-hardening! These releases are important to us in multiple ways: As always, they provide new features and configuration possibilities for you to use! More on that below. Complete tests in TravisCI Furthermore we now leverage the full possibilities of TravisCI...


Chef Software is contributing OpenStack Baseline

I am happy to announce that the Chef Partners Team contributed a new OpenStack Baseline to our DevSec project. This Baseline is implementing the OpenStack Security Guide in InSpec. JJ Asghar will continue to be a core maintainer. The baseline is already covering a wide range of checks for: block-storage...


chef-os-hardening 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release chef-os-hardening 2.0.0 today. The major points of this release are listed below, however there are also many changes under the hood like cleanups of documentation, improvements of the cookbook testing. Many thanks for the contributions and help we received from...


chef-ssh-hardening 2.0.0 is released

DevSec Hardening Framework project is releasing a new major release chef-ssh-hardening 2.0.0 today. Highlights and breaking changes: On the modern chef versions (>= 12.10) autodiscovery of openssh version is used in the decision logic of crypto parameters New attribute namespace ['ssh-hardening'] for the entire cookbook Split of attributes to the...


We are happy to announce our new DevSec baselines

Happy New Year DevSec users, from day one of the DevSec Hardening Framework project, we used the same test suites for our Ansible, Chef and Puppet implementations. Those test suites have been implemented in Serverspec and helped us to enforce the same rules for all hardening implementations. The combination with...