Category: Red Hat Security

Earlier this year, Red Hat engineering took a close look at how to accelerate compression within applications by using 4th Gen Intel Xeon Scalable Processors that include Intel® QuickAssist Technology (Intel® QAT), which can accelerate both compression and encryption. Today…

Read more →

To help government agencies and regulated industries embrace cloud-native innovation at scale while enhancing their security posture, we are pleased to announce the publication of the Security Technical Implementation Guide (STIG) from the Defense Information Systems Agency (DISA) for Red…

Read more →

This is the first in a series of three blog posts focusing on United Kingdom Critical National Infrastructure (CNI) cybersecurity. Part 1 will focus on giving readers an overview of the problem space that CNI organizations face, Part 2 will…

Read more →

In today’s rapidly evolving technology landscape, organizations increasingly embrace containerization to achieve greater scalability, portability, and efficiency in their application deployments. While containerization has its benefits, it also can present IT security challenges that must be addressed to improve the…

Read more →

A lot of system administrators within the Department of Defense already use the Advanced Intrusion Detection Environment (AIDE). This is mainly because of a Security Technical Implementation Guide (STIG) that states that a file integrity checker must be configured to…

Read more →

Peer-pods, also known as the Kata remote hypervisor, enable the creation of Kata Virtual Machines (VM) on any environment, be it on-prem or in the cloud, without requiring bare metal servers or nested virtualization support. This is accomplished by extending…

Read more →

Red Hat Ansible Automation Platform is a platform for implementing enterprise-wide automation, which makes it an ideal tool for your security audits. Security has many layers, but this article focuses on mitigating SSH attacks on managed hosts. While you can’t…

Read more →

Edge computing has grown from being a niche use case in a handful of industries to offering a major opportunity for enterprises across industries to spread compute power around the world (or universe, as in the case of workloads in…

Read more →

Maintaining compliance to cybersecurity standards can be a daunting task, but you can mitigate that by using Red Hat Insights. With the latest feature update, the Red Hat Insights Compliance reporting service now allows you to edit the rules in…

Read more →

Based on Kata Containers, the Confidential Containers (CoCo) project is a community solution to enable hardware technologies for virtualized memory encryption in container environments through attestation. CoCo SEV enables an encrypted container launch feature by utilizing a remote key broker…

Read more →

I imagine I am not the only systems administrator who struggled with driving security compliance across a disparate fleet of Linux systems. It took up hours of administrative time and often required interaction with a third-party auditor to validate the…

Read more →

Peer-pods is a new Red Hat OpenShift feature that enables an OpenShift sandboxed container (OSC) running on a bare-metal deployment to run on OpenShift in a public cloud and on VMware. It’s not uncommon to want to run OpenShift in…

Read more →

As the world’s leading provider of enterprise-ready open source software, Red Hat is uniquely positioned to help prepare the widely varying users of its embedded platform cryptography for the transition to a post-quantum world. In fact, the US Government calls…

Read more →

This article is the last in a six-part series (see my previous blog) presenting various usage models for Confidential Computing, a set of technologies designed to protect data in use. In this article, I explore interesting support technologies under active…

Read more →

The Common Vulnerability Scoring System (CVSS) is well known in the world of product security, development and IT. “The Common Vulnerability Scoring System provides a way to capture the principal characteristics of a vulnerability and produce a numerical score reflecting…

Read more →

The Red Hat Enterprise Linux 9.2 CVM Preview image for Azure confidential VMs has been released, and it represents an important step forward in confidential virtual machines. In this article, I focus on the changes Implemented to support the emerging…

Read more →

As a Solution Architect, I’m often asked what Red Hat’s best practices are for patch management. In this article, I’m going to cut through the noise, linking to relevant work and materials where appropriate, to offer some focused guidance around…

Read more →

For nearly two decades, Red Hat has been helping both public and private entities adapt to changing IT security requirements and concerns. Red Hat achieves a wide range of cybersecurity validations and certifications for our products and services in global…

Read more →

Confidential containers (CoCo) is a new feature of Red Hat OpenShift sandboxed containers that leverages Trusted Execution Environment (TEE) technology to isolate your containers from the host and other containers. In this blog post, you will learn how to set…

Read more →

In this post, we will present confidential virtual machines (CVMs) as one of the use cases of confidential computing as well as the security benefits expected from this emerging technology. We will focus on the high level requirements for the…

Read more →

When we started the discussions on the requirements that led to the development of Hirte (introduced by Pierre-Yves Chibon and Daniel Walsh in their blog post), we explored using systemctl with its –host parameter to manage systemd units on remote…

Read more →

This article is the fourth in a six-part series where we present various use cases for confidential computing—a set of technologies designed to protect data in use, like memory encryption, and what needs to be done to get the technologies’…

Read more →

The software supply chain has quickly become the latest target for malicious actors, with targeted attacks on foundational software components intended to orchestrate data breaches, initiate service outages or worse. Today, we announced the release of Red Hat Trusted Software…

Read more →

Red Hat OpenShift sandboxed containers has taken a significant step forward in workload and data security by adopting the components and principles of the CNCF Confidential Containers (CoCo) open source project and the underlying Trusted Execution Environment (TEE) technology. The…

Read more →

This article is the second in a six-part series (see our previous blog), where we present various usage models for confidential computing, a set of technologies designed to protect data in use—for example using memory encryption—and the requirements to get…

Read more →

<p>This article is the first in a six-part series in which we present various usage models for <strong>confidential computing</strong>, a set of technologies designed to protect data in use—for example by using memory encryption—and the requirements to get the expected…

Read more →

<p>Red Hat security data is a central source of truth for Red Hat products regarding published, known vulnerabilities. The availability of accurate information in security data can help provide the correct risk assessment process in customers' vulnerability management programs, which…

Read more →

<p>Despite Kubernetes still being a relatively young technology, adoption rates have soared over the past several years as the container orchestration platform has become the cornerstone for many digital transformation initiatives. Even as organizations settle in with their use of…

Read more →

<p>In this article we will describe how Microsoft and Red Hat are collaborating in the open source community to show how Red Hat <a href="https://www.redhat.com/en/technologies/cloud-computing/openshift">OpenShift</a> can be deployed on <a href="https://aka.ms/azurecc">Azure Confidential Computing</a> for providing confidential container capabilities to its…

Read more →

<drupal-media data-align="center" data-entity-type="media" data-entity-uuid="86dcee13-494e-41e0-a1ed-419306586e5d"></drupal-media> <h3>What are Confidential Containers?</h3> <p><strong><a href="https://github.com/confidential-containers">Confidential Containers</a></strong> (CoCo) is a new sandbox project of the <a href="https://www.cncf.io/">Cloud Native Comput This article has been indexed from Red Hat Security Read the original article: Learn about Confidential Containers

Read more →

<p>As IT environments become more complex, especially as cloud-native technologies, cloud services and traditional hardware all interact to meet evolving business demands, automation remains a key organizational strategy. Automation helps manage and maintain operations at a greater scale, speed and…

Read more →

<p>For some time now, the conversation around what poses risk in software vulnerabilities has been evolving. It has been gratifying to hear other voices amplifying what I, and generally Red Hat, have been saying for years: not all vulnerabilities in…

Read more →

<p>When debugging or tracing running workloads in <strong><a href="https://www.redhat.com/en/technologies/cloud-computing/openshift">Red Hat OpenShift</a></strong> deployments, there will frequently be a need to run the workloads with elevated privileges. This is not possible or desirable in production deployments, however, due to the risks to…

Read more →

<p><em>The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way.</em></p> <div class="rc-cta-primary"><a href="https://www.redhat.com/en/email-preferences?newsletter=RH-shares&amp;intcmp=7013a0000034h0bAAA">Subscribe to Red Hat Shares</a></div> <hr /> <div class="rc-title-emphasis">FROM THE EDITOR</div> <h3>De This article has been indexed from Red Hat Security…

Read more →

<p>Product security is the foundation of our software delivery at Red Hat. Developing open source is extraordinary, and we strive for the best standards since our code is open. While this is a broad subject, my focus is secure development,…

Read more →

<p>Did you know that <strong><a href="https://www.redhat.com/en/technologies/management/insights">Red Hat Insights</a></strong> for <strong><a href="https://www.redhat.com/en/technologies/linux-platforms/enterprise-linux">Red Hat Enterprise Linux</a></strong> (RHEL) can be used to help detect the presence of malware? This makes it more likely that you'll know when a RHEL system has sustained a…

Read more →

<h3>Implementing the CISA known exploited vulnerability mandate with greater ease</h3> <p><br /> <img alt="" height="229" src="https://lh4.googleusercontent.com/xGj9oBUjSLNwwGwJq9ZIrzXXkhqhmFUFuEzmO7_Zu1zGXT8_s8vBfnXCOE8arv0FJIDYRQJ9wdjymsY1mmzIWsuhELntj4oY1QdPY1FzL0xrnB56jMVXmw80nbXALoHtq3Z5ngkuBsOyjDt3820LNrtKXkvjUM5LW5tjPVQYbIvt_1ZROpZX0BAdqEFyNQ" width="357" /></p> <p><em>Source: <a href=&qu This article has been indexed from Red Hat Security Read the original article: Taking patch management to the next…

Read more →

<p>Cryptology is a young science.</p> <p>Though it has been used for thousands of years to hide secret messages, systematic study of cryptology as a science (and perhaps an art) just started around one hundred years ago.</p> <p>The first known evidence…

Read more →

<p>Following <a href="https://www.redhat.com/en/blog/getting-started-red-hat-insights-malware-detection">the announcement of the beta of the Red Hat Insights malware detection service</a> in August, we are pleased to announce that this service is now generally available. The malware detection service is a monitoring and assessment tool that…

Read more →

<p>Across government, organizations have extended operations from the datacenter to multiple public clouds to the edge. Now they need to manage data and deliver intelligent capabilities across those environments. More than ever, they must achieve those goals with greater simplicity,…

Read more →

<p>During <strong><a href="https://www.ansible.com/ansiblefest">AnsibleFest 2022</a></strong>, we announced the launch of <strong>Ansible validated content</strong>. This new initiative is focused on delivering an expert-led approach for automating your platform portfolio across infrastructure, networking, cloud, security and edge use cases.</p> <p>Ansible validated content is…

Read more →

<p>Today we present a new way to use the <strong><a href="https://www.redhat.com/en/technologies/management/insights">Red Hat Insights</a></strong> Advisor service by <a href="https://access.redhat.com/articles/6981482">using system tags</a> to enable extended security hardening recommendations.</p> <p>Not all systems are equal. For example, a web server and a workstation have…

Read more →

<h2><span><span><span><span><span><span>Introduction to attestation</span></span></span></span></span></span></h2> <p><span><span><span><span><span><span>Attestation is a confidential computing keystone. With attestation, workload owners can fully assert the trustworthiness of the hardware and software This article has been indexed from Red Hat Security Read the original article: Understanding the Confidential Containers…

Read more →

<p><span><span><span><span><span><span>A private registry can be useful for storing Linux </span></span></span></span></span></span><a href="https://www.redhat.com/en/topics/containers"><span><span><span><span><span><span><span><span>container images</span>&am This article has been indexed from Red Hat Security Read the original article: Red Hat OpenShift: How to create and integrate a private registry with stronger security capabilities

Read more →

<p><span><span><span><span><span><span>On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issues:</span></span></span></span></span></span></p> <ul> <li aria-level="1"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966"&amp This article has been indexed from Red Hat Security Read the original article: Red Hat…

Read more →

<p><span><span><span><span><span><span>On November 8th, 2022, Microsoft released a series of security updates for various Windows operating systems to fix two security issues:</span></span></span></span></span></span></p> <ul> <li aria-level="1"><a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-37966"&amp This article has been indexed from Red Hat Security Read the original article: Red Hat…

Read more →

A few months ago, I wrote my first blog for Red Hat: Getting a list of fixes for a Red Hat product between two dates is easy with daysofrisk.pl This article has been indexed from Red Hat Security Read the…

Read more →

Red Hat’s products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types…

Read more →

Last quarter, I introduced the issue where our existing public key cryptography algorithms are vulnerable to a potentially new form of computers called quantum computers. In this article I introduce one of the better understood potential replacements: Hash-based signatures. This…

Read more →

Container and Kubernetes adoption brings the promise of faster application development and delivery at larger scales — however, it also brings with it new security challenges. Protecting cloud-native applications can require significant changes in how organizations approach IT security. They…

Read more →

Red Hat’s products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types…

Read more →

Container and Kubernetes adoption brings the promise of faster application development and delivery at larger scales — however, it also brings with it new security challenges. Protecting cloud-native applications can require significant changes in how organizations approach IT security. They…

Read more →

Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…

Read more →

Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…

Read more →

Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying…

Read more →

Red Hat leads the tech industry’s cutting edge practices for the resolution of cybersecurity issues. Red Hat does this by providing relevant and accessible information and enabling the larger community to make well-informed decisions about security issues. This article has…

Read more →

Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies. This article has been indexed from Red Hat Security…

Read more →

The Red Hat Enterprise Linux (RHEL) web console provides a web-based graphical interface for managing and monitoring systems. The web console can be used to complete a wide variety of tasks, such as managing storage, users, the firewall, monitoring performance…

Read more →

The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way. This article has been indexed from Red Hat Security Read the original article: Red Hat Shares ― Edge computing: Security

Read more →

The Red Hat Enterprise Linux (RHEL) web console provides a web-based graphical interface for managing and monitoring systems. The web console can be used to complete a wide variety of tasks, such as managing storage, users, the firewall, monitoring performance…

Read more →

Railway systems have been around for centuries and serve as a highly cost-effective method for freight delivery and rail is growing in popularity among passengers. Rail systems with a significant legacy operational technology (OT) footprint are just embarking on the…

Read more →

The Red Hat Shares newsletter helps IT leaders navigate the complicated world of IT―the open source way. This article has been indexed from Red Hat Security Read the original article: Red Hat Shares ― Edge computing: Security

Read more →

Railway systems have been around for centuries and serve as a highly cost-effective method for freight delivery and rail is growing in popularity among passengers. Rail systems with a significant legacy operational technology (OT) footprint are just embarking on the…

Read more →

Red Hat Hybrid Cloud Console uses role-based access controls (RBAC) to restrict network access to services and resources based on user roles.  Role permissions are either assigned or inherited through a role hierarchy and can be as broad—or granular—as needed,…

Read more →

There are two primary methods available to remotely manage and administer a Red Hat Enterprise Linux (RHEL) system: the command line interface over an SSH connection and the RHEL web console. This article has been indexed from Red Hat Security…

Read more →

In this post I will go through how you can integrate and send policy alert notifications from Red Hat Advanced Cluster Security for Kubernetes (RHACS) to ServiceNow.  This article has been indexed from Red Hat Security Read the original article:…

Read more →

Red Hat Hybrid Cloud Console uses role-based access controls (RBAC) to restrict network access to services and resources based on user roles.  Role permissions are either assigned or inherited through a role hierarchy and can be as broad—or granular—as needed,…

Read more →

There are two primary methods available to remotely manage and administer a Red Hat Enterprise Linux (RHEL) system: the command line interface over an SSH connection and the RHEL web console. This article has been indexed from Red Hat Security…

Read more →

As organizations adopt container-based ecosystems, the approach to continuous IT security and compliance must shift from traditional system security assessments to new methodologies that account for how cloud-based technologies operate. Containers enable agnosticism amongst cloud computing operating environments by packaging…

Read more →

For many, writing a computer program isn’t that hard—it simply requires a certain amount of structural and logical thinking and a clear understanding of the syntax of the language you are using. This article has been indexed from Red Hat…

Read more →

Can an IoT coffee maker leak company secrets? Where do you put the ‘S’ in ‘IoT’? Join Alison Naylor, Senior Manager for Information Security at Red Hat, in this episode of Security Detail as she discusses the importance of securing…

Read more →

When it comes to identifying potential security vulnerabilities in software, the technology industry has relied upon the Common Vulnerabilities and Exposure (CVE) system for more than two decades. Red Hat is a long-time contributor to this program, first helping the…

Read more →

The beta of Red Hat Insights malware detection service is now available. This article has been indexed from Red Hat Security Read the original article: Getting started with Red Hat Insights malware detection

Read more →

In this article, we explore what Red Hat Insights and Red Hat Satellite have to offer individually, and then we will look at how you can have a heightened experience of the two products with the use of Cloud Connector.…

Read more →

This article is the first in a two-part series. Here we take a step back and look at the evolving IT security risk landscape and how it is impacting organizations, after which we’ll look at a suggested automated compliance architecture.…

Read more →

With the uptick in software supply chain attacks over the last couple of years, we have harnessed a particular focus on software supply chain security within our Product Security organization. The Open Source Security Foundation (OpenSSF), in collaboration with several…

Read more →