Category: Red Hat Security

Open source has always been paradoxical: it’s software developed by passionate developers and given away for free, yet it’s monetized and funded by some of the largest companies in the world. An underdog, once called “a cancer,” and yet it’s…

Read more →

Grab a large sweet tea or a cup of coffee and read the 2024 Product Security Risk Report from Red Hat Product Security. As someone striving to stay informed about the open source ecosystem and its security challenges, I found…

Read more →

Many organizations face challenges in creating value from data while maintaining strict regulatory standards set for handling sensitive data. For these organizations, handling large, complex data sets while maintaining efficiency, security and scalability becomes paramount to their deployment. The collaboration…

Read more →

In their article on post-quantum cryptography, Emily Fox and Simo Sorce explained how Red Hat is integrating post-quantum cryptography (PQC) into our products. PQC protects confidentiality, integrity and authenticity of communication and data against quantum computers, which will make attacks…

Read more →

More. We’ll never stop wanting it. The number of applications and their dependencies that require management is continuously growing. Starting now, the Red Hat Enterprise Linux (RHEL) extensions repository addresses the evolving needs of RHEL users by providing a trusted…

Read more →

To understand Red Hat OpenShift’s journey to quantum-safe cryptography, it helps to look at the current and planned post-quantum cryptography support in Red Hat Enterprise Linux (RHEL). This is because OpenShift includes Red Hat Enterprise Linux CoreOS (RHCOS), which provides…

Read more →

In hybrid and multicloud environments, proper management of sensitive data-like secrets, credentials and certificates is critical to maintaining a robust security posture across Kubernetes clusters. While Kubernetes provides a Kube-native way to manage secrets, it’s generally understood that Kubernetes secrets…

Read more →

Het containerplatform Red Hat OpenShift heeft glansrijk een Data Protection Impact Assessment (DPIA) doorstaan. Deze DPIA is door een onafhankelijke partij uitgevoerd in opdracht van Strategisch Leveranciersmanagement Rijk (SLM Rijk). Dit diepgaand technisch onderzoek naar eventuele privacyrisico’s werd doorlopen na…

Read more →

Non-human identities—also known as machine or workload identities—are becoming increasingly critical as organizations adopt cloud-native ecosystems and advanced AI workflows. For workloads spanning multiple cloud platforms, adhering to zero trust principles becomes challenging as they cross identity domains. A unified…

Read more →

Security leaders must address both internal and external risks, ranging from sophisticated cyberattacks to insider threats. At the same time, they must also adhere to an ever-growing list of regulations, including the General Data Protection Regulation (GDPR), the EU Cyber…

Read more →

Security is an ongoing engineering discipline, it’s not just a reaction to a crisis. For example, if you were responsible for a large suspension bridge, you would know that cracks don’t appear overnight. They start as small stress fractures, invisible…

Read more →

Open source software is the backbone of the modern technology landscape. Enterprises small and large, across industries, rely on open source projects to power critical applications and infrastructure. With the rise of AI-driven code generation tools, developers have a whole…

Read more →

Confidential computing strengthens application security by providing isolation, encryption and attestation so data remains protected while in use. By integrating these security features with a scalable, high-performance artificial intelligence (AI) and machine learning (ML) ecosystem, organizations can adopt a defense-in-depth…

Read more →

Today, ensuring the security and integrity of your software supply chain is more critical than ever. Red Hat Advanced Cluster Security for Kubernetes is focused on providing users the tools to tackle the greatest security challenges.One essential tool in this…

Read more →

When I joined Red Hat in 2019, one of the first blogs that I read was titled “Why CVSS does not equal risk: How to think about risk in your environment”. In summary, it explains why CVSS ≠ Risk: Common…

Read more →

Introducing new connectivity optionsFollowing the announcement of Red Hat Insights proxy in technology preview, we are pleased to announce that this service is now generally available.Red Hat Insights proxy helps streamline the connectivity between your environment and Red Hat’s powerful…

Read more →

Confidential Containers (CoCo) are containers deployed within an isolated hardware enclave protecting data and code (data in use) from privileged users such as cloud administrators. Red Hat OpenShift confidential containers are available from OpenShift sandboxed containers 1.7.0 as a tech-preview…

Read more →

Red Hat en het Strategisch Leveranciersmanagement Rijk (SLM Rijk) hebben een Master Agreement ondertekend. Deze overeenkomst maakt het Nederlandse Rijksoverheidinstanties makkelijker om gebruik te maken van de software en diensten van Red Hat. Met behulp van deze nieuwe overeenkomst wil…

Read more →

In my experience as a sysadmin, I have often found network connectivity issues challenging to troubleshoot. For those situations, tcpdump is a great ally.Take the course: Getting started with Linux fundamentalsTcpdump is a command-line utility that allows you to capture…

Read more →

This is the first of a series of articles in which we will share how confidential computing (a set of hardware and software technologies designed to protect data in use) can be integrated into the Red Hat OpenShift cluster. Our…

Read more →