MITRE InSpec Assessor Course

# 1. About InSpec

  • InSpec is an open-source, community-developed compliance validation framework
  • Provides a mechanism for defining machine-readable compliance and security requirements
  • Easy to create, validate, and read content
  • Cross-platform (Windows, Linux, Mac)
  • Agnostic to other DevOps tools and techniques
  • Integrates into multiple CM tools

# 1.1. Orchestration, Configuration Management, Validation to Deployment

InSpec operates with most orchestration and CM tools found in the DevOps pipeline implementations Alt text

# 1.2. Automating Security Validation Using InSpec

Alt text

# 1.3. Processing InSpec Results

Alt text

2. Course overview