Continuous Patch and Security Assessment with InSpec

Explore continuous patch and security assessment using InSpec in this conference talk from AppSec EU 2017. Learn how InSpec, an open-source infrastructure testing tool, can help enforce secure configurations and assess machine states more effectively than traditional DevOps tools. Discover InSpec's human and machine-readable assessment language, its extendability, and customization options. Understand how automated testing with InSpec enables companies to assess and enforce secure configurations across their IT infrastructure. See demonstrations of patch and security level assessment in CI/CD and production environments. Gain insights into best practices for server hardening and patching, and learn how to overcome common challenges in enforcing security rules continuously.