MiFID II Inspec Profile
Currently there is only 2 controls exist. Please don't forget these controls are written in a very hacky way for a DEMO.
- File integrity check within multiple-servers
- Encryption-at-rest check
Point github repository within your inspec profile, or download the repo as a ZIP file and import it into your Chef Compliance Server.
Chef Compliance server must have a redis server running locally in order to run this control properly. Redis server is being used for keeping accumulated data from all multiple targets. Currently the target count is set to 3
, and this must be changed from the code if required.
It checks *.data
files in /important/files
directory at target host, take an SHA256Sum and compare with the same files in other targets.
A new library is needed for this control to show it better on the output.
This control will check *.gpg
files in /important/files
directory at target host for any GPG-based encryption.
Profile: MiFID II Sample Compliance Checks (mifidii-compliance)
Version: 0.1.0
Target: local://
✔ encryption-01: Check if the files are encrypted with at least 2048 bit keys
✔ encryption encrypted should eq true
✔ encryption key_bits should >= 2048
✔ encryption encrypted should eq true
✔ encryption key_bits should >= 2048
✔ encryption encrypted should eq true
✔ encryption key_bits should >= 2048
✔ integrity-01: Check for integrity of important files if they are replicated correctly
✔ true should eq true
✔ 1 should be <= 3
✔ File ./test/a.data should be file
✔ File ./test/b.data should be file
Profile Summary: 2 successful, 0 failures, 0 skipped
Test Summary: 10 successful, 0 failures, 0 skipped