Many organizations face numerous challenges when modernizing their applications or migrating from on-premises applications to cloud-native microservices. This can include challenges such as deploying and managing their applications at scale, increased network complexity, managing costs and ensuring security.Red Hat and…
Category: Red Hat Security
Learn about trends and best practices from top security experts at Red Hat and NIST’s Cybersecurity Open Forum
Red Hat and the National Institute of Standards and Technology (NIST) are pleased to announce our third annual Cybersecurity Open Forum – Improving the Nation’s Cybersecurity. On April 24, 2024, cybersecurity experts will gather in Washington, D.C., to share best…
4 use cases for AI in cyber security
Artificial intelligence (AI) is being introduced to just about every facet of life these days. AI is being used to develop code, communicate with customers, and write in various media. Cyber security, particularly product security is another place AI can…
Red Hat Enterprise Linux 7: End of compliance content on June 30, 2024
As of Jun 30, 2024, the Red Hat Enterprise Linux (RHEL) 7 maintenance support 2 phase ends and Red Hat will no longer update compliance content for RHEL 7. Many policy providers, such as CIS and DISA, will no longer…
Understanding the Red Hat security impact scale
Red Hat uses a four-point impact scale to classify security issues affecting our products. Have you ever asked yourself what it takes and what the requirements are for each point of the scale? We will talk through the highlights of…
Introducing Confidential Containers Trustee: Attestation Services Solution Overview and Use Cases
In confidential computing environments, attestation is crucial in verifying the trustworthiness of the location where you plan to run your workload or where you plan to send confidential information. Before actually running the workload or transmitting the confidential information, you…
Introducing OpenShift Service Mesh 2.5
We are pleased to announce the release of Red Hat OpenShift Service Mesh 2.5. OpenShift Service Mesh is based on the Istio and Kiali projects, and is included as part of all subscription levels of Red Hat OpenShift. OpenShift Service…
Red Hat Quay 3.11: Smarter permissions, lifecycle, and AWS integration
The Quay team is excited to announce that Red Hat Quay 3.11 will be generally available this month. This release will introduce updates to permission management and image lifecycle automation automation for more effective management at scale. Significant updates include:Team-sync…
Red Hat OpenShift Service on AWS obtains FedRAMP “Ready” designation
We’re pleased to announce that the Red Hat FedRAMP offering, which includes Red Hat OpenShift Service on AWS (ROSA), has obtained the “Ready” designation from the FedRAMP Joint Authorization Board (JAB). This means that Red Hat is now listed on…
Confidential Containers for Financial Services on Public Cloud
Public clouds provide geo resilience in addition to being cost-effective when compared to on-premise deployments. Regulated industries such as the Financial Services Industry (FSI) traditionally have been unable to take advantage of public clouds since FSI is highly regulated from…
Bridging innovation and standards compliance: Red Hat’s drive towards the next-generation of government computing standards
From FIPS 140-3 to Common Criteria to DISA STIGs, Red Hat is constantly pursuing the next iteration of compliance for our customers. Red Hat’s mission has long been to bring community innovation to enterprise organizations, packaged in a hardened, production-ready…
Delivering a better view of system vulnerabilities with Red Hat Insights
Every system administrator needs to know about common vulnerabilities and exposures (CVEs) that affect their systems. Included with your Red Hat Enterprise Linux subscription is the Red Hat Insights vulnerability service which gives you a list of all of the…
eBPF wrapped 2023
When it comes to open-source innovation, Red Hat is committed to pushing technological boundaries and enhancing the capabilities of cutting-edge solutions. As we look back at 2023, we’ll discuss Red Hat’s role in advancing Extended Berkeley Packet Filter (eBPF) technology,…
Red Hat and RISC-V: To the far edge and beyond
Red Hat has always been an advocate of growth at the intersection of open source and computing solutions–which is exactly where RISC-V can be found. RISC-V is one of those technologies where the future is both evident and inevitable. By…
Patch management needs a revolution, part 3: Vulnerability scores and the concept of trust
This is the third part of Vincent Danen’s “Patch management needs a revolution” series.Patch management needs a revolution, part 1: Surveying cybersecurity’s lineagePatch management needs a revolution, part 2: The flood of vulnerabilitiesVulnerability ratings are the foundation for a good…
Enabling Peer Pods on IBM Z and LinuxONE with Red Hat OpenShift sandboxed containers
Red Hat OpenShift sandboxed containers (OSC) version 1.5.0, introduces Peer Pods to IBM Z and LinuxONE. This update is the product of a cooperation between IBM and Red Hat, and is an important step in improving sandboxed containers, paving the…
What’s next on the horizon for telecommunications service providers? A look at 2024 with Red Hat.
In 2023, Red Hat met with so many customers and partners – from industry event interactions and individual meeting rooms to cross country visits and late-night service calls, we’ve learned so much from our trusted ecosystem. With all of these…
Protecting your intellectual property and AI models using Confidential Containers
Protecting intellectual property and proprietary artificial intelligence (AI) models has become increasingly important in today’s business landscape. Unauthorized access can have disastrous consequences with respect to competitiveness, compliance and other vital factors, making it essential to implement leading security measures.…
Enterprise security challenges for CNI organizations: Technical solutions to address security challenges
This is the third post in a series of blogs looking at cybersecurity focusing on Critical National Infrastructure (CNI) organizations. This post identifies where Red Hat can help organizations reduce their risk using their technology, training, and services. Enterprise security…
Runtime security deep dive: Ask An OpenShift Admin episode 116
Runtime pertains to the active execution of a system, which may encompass infrastructure, applications operating within containers, or local systems. Runtime security refers to the security measures implemented while the application is actively running. This is especially important, as revealed…
The TLS Extended Master Secret and FIPS in Red Hat Enterprise Linux
Almost 10 years ago, researchers identified and presented the “triple handshake” man-in-the-middle attack in TLS 1.2. The vulnerability breaks confidentiality of the connection and allows an attacker to impersonate a client. In response, RFC 7627 introduced the Extended Master Secret…
Vulnerability Exploitability eXchange (VEX) beta files now available
Red Hat Product Security is pleased to announce that official Red Hat vulnerability data is now available in a new format called the Vulnerability Exploitability eXchange (VEX). In April 2023, we mentioned in an article titled “The future of Red…
DISA STIG for Red Hat Enterprise Linux 9 is now available
According to IDC, Linux operating system (OS) environments are expected to grow from 78% in 2021 to 82% in 2026 across physical, virtual, and cloud deployments. Fundamental to that growth is continued assurance that Linux OSs can provide organizations with…
Red Hat OpenShift Service on AWS assessed to process Australian Government Data at PROTECTED level
Red Hat—the world’s leading provider of open source solutions—is excited to announce the successful completion of the Infosec Registered Assessors Program (IRAP) assessment of Red Hat OpenShift Service on AWS (ROSA). IRAP is managed by the Australian Signals Directorate (ASD).…
Accelerated Encryption with 4th Gen Intel® Xeon® Scalable Processors
Earlier this year, Red Hat engineering took a close look at how to accelerate compression within applications by using 4th Gen Intel Xeon Scalable Processors that include Intel® QuickAssist Technology (Intel® QAT), which can accelerate both compression and encryption. Today…
DISA STIG for Red Hat OpenShift is now available
To help government agencies and regulated industries embrace cloud-native innovation at scale while enhancing their security posture, we are pleased to announce the publication of the Security Technical Implementation Guide (STIG) from the Defense Information Systems Agency (DISA) for Red…
Enterprise security challenges for CNI organizations: Overview of security challenges
This is the first in a series of three blog posts focusing on United Kingdom Critical National Infrastructure (CNI) cybersecurity. Part 1 will focus on giving readers an overview of the problem space that CNI organizations face, Part 2 will…
Improving containerization security with Red Hat OpenShift
In today’s rapidly evolving technology landscape, organizations increasingly embrace containerization to achieve greater scalability, portability, and efficiency in their application deployments. While containerization has its benefits, it also can present IT security challenges that must be addressed to improve the…
Better securing the frontlines: Leveraging Ansible Automation Platform and AIDE for DoD file integrity
A lot of system administrators within the Department of Defense already use the Advanced Intrusion Detection Environment (AIDE). This is mainly because of a Security Technical Implementation Guide (STIG) that states that a file integrity checker must be configured to…
Persistent volume support with peer-pods: Solution overview
Peer-pods, also known as the Kata remote hypervisor, enable the creation of Kata Virtual Machines (VM) on any environment, be it on-prem or in the cloud, without requiring bare metal servers or nested virtualization support. This is accomplished by extending…
Hardening SSH connections to managed hosts with Red Hat Ansible Automation Platform
Red Hat Ansible Automation Platform is a platform for implementing enterprise-wide automation, which makes it an ideal tool for your security audits. Security has many layers, but this article focuses on mitigating SSH attacks on managed hosts. While you can’t…
The State of Edge Security Report
Edge computing has grown from being a niche use case in a handful of industries to offering a major opportunity for enterprises across industries to spread compute power around the world (or universe, as in the case of workloads in…
Red Hat Insights Compliance: Introducing new customization options for policies
Maintaining compliance to cybersecurity standards can be a daunting task, but you can mitigate that by using Red Hat Insights. With the latest feature update, the Red Hat Insights Compliance reporting service now allows you to edit the rules in…
Confidential containers with AMD SEV
Based on Kata Containers, the Confidential Containers (CoCo) project is a community solution to enable hardware technologies for virtualized memory encryption in container environments through attestation. CoCo SEV enables an encrypted container launch feature by utilizing a remote key broker…
Building security certifications into your image builder blueprint
I imagine I am not the only systems administrator who struggled with driving security compliance across a disparate fleet of Linux systems. It took up hours of administrative time and often required interaction with a third-party auditor to validate the…
OpenShift sandboxed containers on-prem: Going nested without nested
Peer-pods is a new Red Hat OpenShift feature that enables an OpenShift sandboxed container (OSC) running on a bare-metal deployment to run on OpenShift in a public cloud and on VMware. It’s not uncommon to want to run OpenShift in…
Red Hat: Building a quantum-ready world
As the world’s leading provider of enterprise-ready open source software, Red Hat is uniquely positioned to help prepare the widely varying users of its embedded platform cryptography for the transition to a post-quantum world. In fact, the US Government calls…
Confidential computing: 5 support technologies to explore
This article is the last in a six-part series (see my previous blog) presenting various usage models for Confidential Computing, a set of technologies designed to protect data in use. In this article, I explore interesting support technologies under active…
FIRST Announces CVSS v4.0 Public Preview
The Common Vulnerability Scoring System (CVSS) is well known in the world of product security, development and IT. “The Common Vulnerability Scoring System provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting…
RHEL confidential virtual machines on Azure: A technical deep dive
The Red Hat Enterprise Linux 9.2 CVM Preview image for Azure confidential VMs has been released, and it represents an important step forward in confidential virtual machines. In this article, I focus on the changes Implemented to support the emerging…
Best practices for patch management
As a Solution Architect, I’m often asked what Red Hat’s best practices are for patch management. In this article, I’m going to cut through the noise, linking to relevant work and materials where appropriate, to offer some focused guidance around…
Red Hat compliance certifications and attestations achieved
For nearly two decades, Red Hat has been helping both public and private entities adapt to changing IT security requirements and concerns. Red Hat achieves a wide range of cybersecurity validations and certifications for our products and services in global…
Confidential containers on Azure with OpenShift: setup guide
Confidential containers (CoCo) is a new feature of Red Hat OpenShift sandboxed containers that leverages Trusted Execution Environment (TEE) technology to isolate your containers from the host and other containers. In this blog post, you will learn how to set…
Introduction to confidential virtual machines
In this post, we will present confidential virtual machines (CVMs) as one of the use cases of confidential computing as well as the security benefits expected from this emerging technology. We will focus on the high level requirements for the…
Securing D-Bus based connections with mTLS and double proxy
When we started the discussions on the requirements that led to the development of Hirte (introduced by Pierre-Yves Chibon and Daniel Walsh in their blog post), we explored using systemctl with its –host parameter to manage systemd units on remote…
Confidential computing: From root of trust to actual trust
This article is the fourth in a six-part series where we present various use cases for confidential computing—a set of technologies designed to protect data in use, like memory encryption, and what needs to be done to get the technologies’…
Improving supply chain resiliency with Red Hat Trusted Software Supply Chain
The software supply chain has quickly become the latest target for malicious actors, with targeted attacks on foundational software components intended to orchestrate data breaches, initiate service outages or worse. Today, we announced the release of Red Hat Trusted Software…
Confidential Containers on Azure with OpenShift: A technical deep dive
Red Hat OpenShift sandboxed containers has taken a significant step forward in workload and data security by adopting the components and principles of the CNCF Confidential Containers (CoCo) open source project and the underlying Trusted Execution Environment (TEE) technology. The…
Attestation in confidential computing
This article is the second in a six-part series (see our previous blog), where we present various usage models for confidential computing, a set of technologies designed to protect data in use—for example using memory encryption—and the requirements to get…
Confidential computing primer
<p>This article is the first in a six-part series in which we present various usage models for <strong>confidential computing</strong>, a set of technologies designed to protect data in use—for example by using memory encryption—and the requirements to get the expected…
The future of Red Hat security data
<p>Red Hat security data is a central source of truth for Red Hat products regarding published, known vulnerabilities. The availability of accurate information in security data can help provide the correct risk assessment process in customers' vulnerability management programs, which…
The State of Kubernetes Security in 2023
<p>Despite Kubernetes still being a relatively young technology, adoption rates have soared over the past several years as the container orchestration platform has become the cornerstone for many digital transformation initiatives. Even as organizations settle in with their use of…
Deploying confidential containers on the public cloud
<p>In this article we will describe how Microsoft and Red Hat are collaborating in the open source community to show how Red Hat <a href="https://www.redhat.com/en/technologies/cloud-computing/openshift">OpenShift</a> can be deployed on <a href="https://aka.ms/azurecc">Azure Confidential Computing</a> for providing confidential container capabilities to its…
Learn about Confidential Containers
<drupal-media data-align="center" data-entity-type="media" data-entity-uuid="86dcee13-494e-41e0-a1ed-419306586e5d"></drupal-media> <h3>What are Confidential Containers?</h3> <p><strong><a href="https://github.com/confidential-containers">Confidential Containers</a></strong> (CoCo) is a new sandbox project of the <a href="https://www.cncf.io/">Cloud Native Comput This article has been indexed from Red Hat Security Read the original article: Learn about Confidential Containers
DISA releases the first Ansible STIG
<p>As IT environments become more complex, especially as cloud-native technologies, cloud services and traditional hardware all interact to meet evolving business demands, automation remains a key organizational strategy. Automation helps manage and maintain operations at a greater scale, speed and…
Demystifying risk using CVEs and CVSS
<p>For some time now, the conversation around what poses risk in software vulnerabilities has been evolving. It has been gratifying to hear other voices amplifying what I, and generally Red Hat, have been saying for years: not all vulnerabilities in…
Red Hat OpenShift sandboxed containers for debugging with elevated privileges
<p>When debugging or tracing running workloads in <strong><a href="https://www.redhat.com/en/technologies/cloud-computing/openshift">Red Hat OpenShift</a></strong> deployments, there will frequently be a need to run the workloads with elevated privileges. This is not possible or desirable in production deployments, however, due to the risks to…
Red Hat Shares – Security automation
<p><em>The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way.</em></p> <div class="rc-cta-primary"><a href="https://www.redhat.com/en/email-preferences?newsletter=RH-shares&intcmp=7013a0000034h0bAAA">Subscribe to Red Hat Shares</a></div> <hr /> <div class="rc-title-emphasis">FROM THE EDITOR</div> <h3>De This article has been indexed from Red Hat Security…
Securing open source development: A supply chain perspective
<p>Product security is the foundation of our software delivery at Red Hat. Developing open source is extraordinary, and we strive for the best standards since our code is open. While this is a broad subject, my focus is secure development,…
How to use Red Hat Insights malware detection service
<p>Did you know that <strong><a href="https://www.redhat.com/en/technologies/management/insights">Red Hat Insights</a></strong> for <strong><a href="https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux">Red Hat Enterprise Linux</a></strong> (RHEL) can be used to help detect the presence of malware? This makes it more likely that you'll know when a RHEL system has sustained a…
Taking patch management to the next level with automation
<h3>Implementing the CISA known exploited vulnerability mandate with greater ease</h3> <p><br /> <img alt="" height="229" src="https://lh4.googleusercontent.com/xGj9oBUjSLNwwGwJq9ZIrzXXkhqhmFUFuEzmO7_Zu1zGXT8_s8vBfnXCOE8arv0FJIDYRQJ9wdjymsY1mmzIWsuhELntj4oY1QdPY1FzL0xrnB56jMVXmw80nbXALoHtq3Z5ngkuBsOyjDt3820LNrtKXkvjUM5LW5tjPVQYbIvt_1ZROpZX0BAdqEFyNQ" width="357" /></p> <p><em>Source: <a href=&qu This article has been indexed from Red Hat Security Read the original article: Taking patch management to the next…
A Brief History of Cryptography
<p>Cryptology is a young science.</p> <p>Though it has been used for thousands of years to hide secret messages, systematic study of cryptology as a science (and perhaps an art) just started around one hundred years ago.</p> <p>The first known evidence…
Red Hat Insights malware detection service is now generally available
<p>Following <a href="https://www.redhat.com/en/blog/getting-started-red-hat-insights-malware-detection">the announcement of the beta of the Red Hat Insights malware detection service</a> in August, we are pleased to announce that this service is now generally available. The malware detection service is a monitoring and assessment tool that…
Red Hat Government Symposium 2022: Unleashing innovation, powering missions
<p>Across government, organizations have extended operations from the datacenter to multiple public clouds to the edge. Now they need to manage data and deliver intelligent capabilities across those environments. More than ever, they must achieve those goals with greater simplicity,…
Automate like an expert with Ansible validated content
<p>During <strong><a href="https://www.ansible.com/ansiblefest">AnsibleFest 2022</a></strong>, we announced the launch of <strong>Ansible validated content</strong>. This new initiative is focused on delivering an expert-led approach for automating your platform portfolio across infrastructure, networking, cloud, security and edge use cases.</p> <p>Ansible validated content is…
Using system tags to enable extended security hardening recommendations
<p>Today we present a new way to use the <strong><a href="https://www.redhat.com/en/technologies/management/insights">Red Hat Insights</a></strong> Advisor service by <a href="https://access.redhat.com/articles/6981482">using system tags</a> to enable extended security hardening recommendations.</p> <p>Not all systems are equal. For example, a web server and a workstation have…
Understanding the Confidential Containers Attestation Flow
<h2><span><span><span><span><span><span>Introduction to attestation</span></span></span></span></span></span></h2> <p><span><span><span><span><span><span>Attestation is a confidential computing keystone. With attestation, workload owners can fully assert the trustworthiness of the hardware and software This article has been indexed from Red Hat Security Read the original article: Understanding the Confidential Containers…
Red Hat OpenShift: How to create and integrate a private registry with stronger security capabilities
<p><span><span><span><span><span><span>A private registry can be useful for storing Linux </span></span></span></span></span></span><a href="https://www.redhat.com/en/topics/containers"><span><span><span><span><span><span><span><span>container images</span>&am This article has been indexed from Red Hat Security Read the original article: Red Hat OpenShift: How to create and integrate a private registry with stronger security capabilities
Red Hat Enterprise Linux and Microsoft security update of November 2022
<p><span><span><span><span><span><span>On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issues:</span></span></span></span></span></span></p> <ul> <li aria-level="1"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966"& This article has been indexed from Red Hat Security Read the original article: Red Hat…
Red Hat Enterprise Linux and Microsoft security update of November 2022
<p><span><span><span><span><span><span>On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issues:</span></span></span></span></span></span></p> <ul> <li aria-level="1"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966"& This article has been indexed from Red Hat Security Read the original article: Red Hat…
Using daysofrisk.pl with the Red Hat Security Data API
A few months ago, I wrote my first blog for Red Hat: Getting a list of fixes for a Red Hat product between two dates is easy with daysofrisk.pl This article has been indexed from Red Hat Security Read the…
Cryptographic signatures for zip distributions
Red Hat’s products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types…
Post-quantum cryptography: Hash-based signatures
Last quarter, I introduced the issue where our existing public key cryptography algorithms are vulnerable to a potentially new form of computers called quantum computers. In this article I introduce one of the better understood potential replacements: Hash-based signatures. This…
Service Preview of Red Hat Advanced Cluster Security Cloud Service
Container and Kubernetes adoption brings the promise of faster application development and delivery at larger scales — however, it also brings with it new security challenges. Protecting cloud-native applications can require significant changes in how organizations approach IT security. They…
Cryptographic signatures for zip distributions
Red Hat’s products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types…
Service Preview of Red Hat Advanced Cluster Security Cloud Service
Container and Kubernetes adoption brings the promise of faster application development and delivery at larger scales — however, it also brings with it new security challenges. Protecting cloud-native applications can require significant changes in how organizations approach IT security. They…
Red Hat OpenShift security portfolio grows with new Red Hat Insights Vulnerability service
Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…
Red Hat OpenShift security portfolio grows with new Red Hat Insights Vulnerability service
Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…
Red Hat OpenShift security portfolio grows with new Red Hat Insights Vulnerability service
Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…
Open source incident response solutions
Red Hat leads the tech industry’s cutting edge practices for the resolution of cybersecurity issues. Red Hat does this by providing relevant and accessible information and enabling the larger community to make well-informed decisions about security issues. This article has…
What is the Confidential Containers project?
Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies. This article has been indexed from Red Hat Security…
Connecting to the RHEL web console, part 2: Running the Cockpit web server
The Red Hat Enterprise Linux (RHEL) web console provides a web-based graphical interface for managing and monitoring systems. The web console can be used to complete a wide variety of tasks, such as managing storage, users, the firewall, monitoring performance…
Red Hat Shares ― Edge computing: Security
The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way. This article has been indexed from Red Hat Security Read the original article: Red Hat Shares ― Edge computing: Security
Connecting to the RHEL web console, part 2: Running the Cockpit web server
The Red Hat Enterprise Linux (RHEL) web console provides a web-based graphical interface for managing and monitoring systems. The web console can be used to complete a wide variety of tasks, such as managing storage, users, the firewall, monitoring performance…
Edge solutions in rail transportation deliver efficiencies, security and flexibility with open source solutions
Railway systems have been around for centuries and serve as a highly cost-effective method for freight delivery and rail is growing in popularity among passengers. Rail systems with a significant legacy operational technology (OT) footprint are just embarking on the…
Red Hat Shares ― Edge computing: Security
The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way. This article has been indexed from Red Hat Security Read the original article: Red Hat Shares ― Edge computing: Security
Edge solutions in rail transportation deliver efficiencies, security and flexibility with open source solutions
Railway systems have been around for centuries and serve as a highly cost-effective method for freight delivery and rail is growing in popularity among passengers. Rail systems with a significant legacy operational technology (OT) footprint are just embarking on the…
Role-based access control for Red Hat Hybrid Cloud Console
Red Hat Hybrid Cloud Console uses role-based access controls (RBAC) to restrict network access to services and resources based on user roles. Role permissions are either assigned or inherited through a role hierarchy and can be as broad—or granular—as needed,…
Connecting to the RHEL web console, part 1: SSH access methods
There are two primary methods available to remotely manage and administer a Red Hat Enterprise Linux (RHEL) system: the command line interface over an SSH connection and the RHEL web console. This article has been indexed from Red Hat Security…
How to integrate Red Hat Advanced Cluster Security for Kubernetes with ServiceNow
In this post I will go through how you can integrate and send policy alert notifications from Red Hat Advanced Cluster Security for Kubernetes (RHACS) to ServiceNow. This article has been indexed from Red Hat Security Read the original article:…
Role-based access control for Red Hat Hybrid Cloud Console
Red Hat Hybrid Cloud Console uses role-based access controls (RBAC) to restrict network access to services and resources based on user roles. Role permissions are either assigned or inherited through a role hierarchy and can be as broad—or granular—as needed,…
Connecting to the RHEL web console, part 1: SSH access methods
There are two primary methods available to remotely manage and administer a Red Hat Enterprise Linux (RHEL) system: the command line interface over an SSH connection and the RHEL web console. This article has been indexed from Red Hat Security…
Enhancing application container security and compliance with Podman
As organizations adopt container-based ecosystems, the approach to continuous IT security and compliance must shift from traditional system security assessments to new methodologies that account for how cloud-based technologies operate. Containers enable agnosticism amongst cloud computing operating environments by packaging…
The art and science of secure open source software development
For many, writing a computer program isn’t that hard—it simply requires a certain amount of structural and logical thinking and a clear understanding of the syntax of the language you are using. This article has been indexed from Red Hat…
Shadow IT and shadow IoT
Can an IoT coffee maker leak company secrets? Where do you put the ‘S’ in ‘IoT’? Join Alison Naylor, Senior Manager for Information Security at Red Hat, in this episode of Security Detail as she discusses the importance of securing…
Red Hat extends Common Vulnerabilities and Exposure Program expertise as newly-minted Root organization
When it comes to identifying potential security vulnerabilities in software, the technology industry has relied upon the Common Vulnerabilities and Exposure (CVE) system for more than two decades. Red Hat is a long-time contributor to this program, first helping the…
Getting started with Red Hat Insights malware detection
The beta of Red Hat Insights malware detection service is now available. This article has been indexed from Red Hat Security Read the original article: Getting started with Red Hat Insights malware detection
Streamlining IT security operations with Red Hat Insights and Red Hat Satellite
In this article, we explore what Red Hat Insights and Red Hat Satellite have to offer individually, and then we will look at how you can have a heightened experience of the two products with the use of Cloud Connector.…
Implementing security benchmarks with Red Hat Ansible Automation Platform
This article is the first in a two-part series. Here we take a step back and look at the evolving IT security risk landscape and how it is impacting organizations, after which we’ll look at a suggested automated compliance architecture.…
I will take the Red (Hat) SLSA please: Introducing a framework for measuring supply chain security maturity
With the uptick in software supply chain attacks over the last couple of years, we have harnessed a particular focus on software supply chain security within our Product Security organization. The Open Source Security Foundation (OpenSSF), in collaboration with several…