Chef Cloud Security helps organisations extend their DevOps processes to managing any combination of public, private and hybrid cloud workloads, according to Progress.
The new product is said to allow DevOps teams to use their existing skills to manage compliance and security posture for cloud native technologies including containers, Kubernetes and microservices.
It supports multi-cloud deployment across AWS, Azure, Google and Alibaba clouds using certified CIS/DISA STIG profiles to continually scan and automatically detect security configuration issues, and applies policy checks at every stage of the DevOps pipeline using a Policy as Code approach.
Progress also announced improvements to Progress Chef InSpec, including additional data source and host support (including SAP ASE, IBM DB2, Mongo, Cassandra, Oracle, MS SQL, RHEL, CentOS, Ubuntu Linux distributions and Mac OS Monterey), expanded CIS benchmark profile coverage (for AWS, Azure, and GCP). and ease of use improvements (including automated creation of code, test and documentation artifacts for new resources, improved visibility into the status and expected completion time for compliance scans, and advanced Shell command support for control and testing without file output).
Progress Chef Enterprise Automation Stack has also been updated with combined configuration and compliance processing, and out of the box support for a high availability topology.
"Over the past several years, Chef – now under the leadership of Progress – has placed significant focus on building out security and compliance capabilities to make the DevSecOps concept achievable for our customers," said Progress executive vice president and general manager of DevSecOps Sundar Subramanian.
"Through a policy-as-code approach, we are extremely excited to see what our customers will accomplish as they aspire to end-to-end DevOps."