-
A GitHub community health profile compliance check
-
Shared test suite for chef-client hardening - InSpec Profile.
This Compliance Profile ensures the chef-client configuration is hardened.
-
This InSpec compliance profile implement the CIS Docker 1.11.0 Benchmark in an automated way to provide security best-practices tests around Docker daemon and containers in a production environment.
InSpec is an open-source run-time framework and rule language used to specify compliance, security, and policy requirements for testing any node in your infrastructure.
-
Apache compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
Linux compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
Linux patch compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
MySQL compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
NGINX compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
PHP compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
PostgreSQL compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
SSH compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
SSL/TLS compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
Windows compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
Windows patch compliance profile, used for Security + DevOps. More information is available at http://dev-sec.io
-
A library InSpec compliance profile containing a custom `ec2_instance` resource that can be used to test `meta-data` and `user-data` for AWS EC2 nodes. It does not require AWS API credentials since the resource is retrieving the data on the target ec2 nodes using the `http://169.254.169.254/` metadata API.
-
InSpec profile for compliance with AEM security checklist
-
This profile does not perform compliance tests. It is intended to be used in assessing whether a target node for a Chef Server is set up correctly to meet the documented prerequisites, verify that the external API is functioning correctly, that file permissions haven't been changed errantly, and that there aren't any "red flags" that we've encountered that cause issues for customers.
This Inspec profile is not a substitute for adequate performance and system health monitoring. It can supplement those tools well, however.
-
Just a test to pull in a compliance profile to test in test kitchen
-
A library InSpec compliance profile containing an ssl_certificate resource that allows you to validate your SSL Certificates for properties like: key size, hash algorithm, days before expire, existence, trust, etc
-
An InSpec compliance profile for use with Chef Compliance Server.
