In this article, we explore what Red Hat Insights and Red Hat Satellite have to offer individually, and then we will look at how you can have a heightened experience of the two products with the use of Cloud Connector.…
Category: Red Hat Security
Implementing security benchmarks with Red Hat Ansible Automation Platform
This article is the first in a two-part series. Here we take a step back and look at the evolving IT security risk landscape and how it is impacting organizations, after which we’ll look at a suggested automated compliance architecture.…
I will take the Red (Hat) SLSA please: Introducing a framework for measuring supply chain security maturity
With the uptick in software supply chain attacks over the last couple of years, we have harnessed a particular focus on software supply chain security within our Product Security organization. The Open Source Security Foundation (OpenSSF), in collaboration with several…
Automated dynamic application security testing with RapiDAST and cross-team collaboration
Red Hat Product Security has been developing RapiDAST, a tool that can be used for security testing of products and services. DAST stands for dynamic application (or analysis) security testing. In this article, we introduce the tool and ideas that…
Enhancing RHEL Security: Understanding SHA-1 deprecation on RHEL 9
In this article, I’ll go over some typical problems users may face with Fedora SHA-1 status (including some possible workarounds), and how you can update your infrastructure to use a more secure SHA-256. This article has been indexed from Red…
A collaborative approach to threat modeling
At Red Hat, we recognise the importance of implementing security measures early in the software development life cycle (SDLC), as breaches are becoming more evident in today’s society. Our work in Red Hat Product Security is to help minimize the…
Social Engineering vs Mistakes: Two sources of pain, one process
There are a million ways for awful things to happen to your data and accounts. For example, someone could accidentally commit their AWS access keys publicly to GitHub, and attackers quickly run up $100,000 in charges mining cryptocurrency on expensive…
‘PwnKit’ vulnerability exploited in the wild: How Red Hat responded
Ravie Lakshmanan’s recent article CISA warns of active exploitation of ‘PwnKit’ Linux vulnerability in the wild articulates the vulnerability in Polkit (CVE-2021-4034) and recommends “to mitigate any potential risk of exposure to cyberattacks… that organizations prioritize timely remediation of the…
How is Red Hat addressing the demand to develop offerings more securely?
The IT industry not only looked very different 20 years ago, product security looked very different as well. Open source software wasn’t mainstream and the majority of vendors had full control and secrecy over their product code. This article has…
Scanning container image vulnerabilities with Clair
What are container image vulnerabilities? This article has been indexed from Red Hat Security
The experience of bringing OpenSSL 3.0 into RHEL and Fedora
Red Hat Enterprise Linux 9 (RHEL 9) ships with OpenSSL 3.0, a core operating system (OS) library that has been in the making for quite a while. This was a long and involved process for a variety of reasons. This article…
Security features in Red Hat Enterprise Linux 9
Red Hat Enterprise Linux 9 (RHEL 9) is the latest version of Red Hat’s flagship operating system, released at the Red Hat Summit in May 2022. New capabilities added to RHEL 9 help simplify how organizations manage security and compliance…
Common Security Advisory Framework (CSAF) beta files now available
Red Hat Product Security is pleased to announce that a new security metadata offering, the Common Security Advisory Framework (CSAF), is now available in beta form. CSAF 2.0 is the successor…
Hardening Virtio for emerging security usecases
Traditionally, when looking at a virtio device and its corresponding virtio driver, we assume the device is trusted by the driver. We do, however, need to protect the virtio device from…
Post-quantum cryptography, an introduction
What is post-quantum cryptography? A new type of computer is being developed that can break many of our existing cryptographic algorithms. As a result, we need to develop new algorithms that…
Save time and money with Red Hat Insights Compliance reporting
Organizations across the globe continue to focus on managing security and risk compliance as the threat landscape evolves. Funding for IT security remains the top priority for many enterprises, as reported…
Kubernetes Operators: good security practices
What are Kubernetes Operators?
“Legacy” cryptography in Fedora 36 and Red Hat Enterprise Linux 9
Fedora 36 and Red Hat Enterprise Linux 9 (RHEL 9) are out, and both ship with OpenSSL 3 that has tighter security defaults and a brand new “provider” architecture.
Containers vulnerability risk assessment
Security considerations are even more important today than they were in the past. Every day we discover new vulnerabilities that impact our computer systems, and every day our computer systems become…
Getting a list of fixes for a Red Hat product between two dates is easy with daysofrisk.pl
As a Technical Account Manager (TAM) one of the best parts of the job is the regular contact with our customers, talking to them frequently and helping them solve interesting problems.…
Red Hat Compliance service and the Red Hat Insights API
In an earlier blog I walked you through the process of using the Red Hat Enterprise Linux (RHEL) and Red Hat Insights Compliance service to: Create compliance policies…
Automating firewall configuration with RHEL System Roles
Automation can help increase efficiency, save time and improve consistency, which is why Red Hat Enterprise Linux (RHEL) includes features that help automate many tasks. RHEL System Roles are a collection…
The State of Kubernetes Security in 2022
Kubernetes is the de facto standard when it comes to container orchestration and management at scale, but adoption is only one piece of Kubernetes strategy. Security plays a huge role in…
Red Hat releases open source StackRox to the community
Red Hat is excited to announce that Red Hat Advanced Cluster Security for Kubernetes is now available as an open source project: StackRox.
Managing Red Hat Enterprise Linux at the edge
Are your edge computing systems secure? A simple question with a potentially complicated answer. This is because many engineering teams combine Red Hat Enterprise Linux with decoupled applications thanks to containerization…
Security recommendations for SAP HANA on RHEL
After extensive testing on RHEL 8.2, 8.4, 8.6 and 9 using the SAP HANA validation test suite, Red Hat’s engineering team concluded that SELinux can run in Enforcing mode with minimal…
Compliance as Code: Extending compliance automation for process improvement
Supply chain disruptions, intellectual property theft and the rising cost of data breaches are among the top reasons for a drastic increase in global focus on cybersecurity compliance.
5G edge and security deployment evolution, trends and insights
A recent survey provides insight into how 5G networks may evolve as operators and the wider mobile ecosystem continue to invest in 5G technology. This article discusses some of the findings…
5 security considerations for edge implementations
Many organizations are apprehensive about the security of edge deployments. As data becomes more and more valuable, security threats create increasingly serious concerns. No organization wants to be in the news…
Regulatory compliance at scale with Red Hat Insights
How do you determine if your Red Hat Enterprise Linux (RHEL) infrastructure is compliant with security standards? This post will walk through how Red Hat Insights can help you apply security…
Improve your hybrid cloud security with these 3 tips
No matter where you are in your hybrid cloud journey, security is a primary concern. In this post, we’ll look at tips and products that can help with deploying a security-focused…
Results that surprised us in The State of Enterprise Open Source report
We surveyed nearly 1,300 IT decision makers at medium to large enterprises worldwide about the state of enterprise open source. Learn more about some of the key takeaways.
Impacts from a new reality drive the need for an enhanced digital identity framework
Users are perhaps more vulnerable to cybersecurity attacks than ever before. The answer to this increased risk? A self-sovereign identity (SSI)—especially for the financial services sector. Learn more.
Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk
Consuming enterprise open source through a vendor like Red Hat meets the goal of minimizing the risk of using software in general, while affording the many benefits that only open source…
Safeguarding consumer data for banks: some guidelines for privacy engineering
Regulatory requirements and consumer privacy concerns drive financial institutions to consider more privacy-friendly policies and development considerations in the new world of open banking. What steps can software developers take to…
Discover and remediate security vulnerabilities faster with Red Hat Insights
If you are using Red Hat Enterprise Linux (RHEL), you can use Red Hat Insights to find out what systems are exposed, and to what extent. See how to find and…
Overcoming vulnerabilities with live kernel patching in Red Hat Enterprise Linux 8.5
You can use a built-in tool to update the kernel on RHEL systems with no downtime. That tool is live kernel patching (kpatch). Kpatch has been a part of our…
Gathering security data for container images using the Pyxis API
The Security Data and Pyxis APIs are powerful services that can be used to gather useful security-related information programmatically. In this post, get a look at how to collect security data…
Gathering security data using the Red Hat Security Data API
Red Hat Product Security is committed to providing tools and security data to help you better understand security threats. In this post, we cover how the Security Data API can be…
20 years of Red Hat Product Security: The rise of branded exploits (Part 2)
From its inception in 2001, the Product Security team has been focused on providing Red Hat’s customers value in a wide variety of ways. Let’s take a look at how Product Security…
OpenShift Security Hardening for the healthcare industry
Protecting sensitive data is vital in healthcare due to the nature (and value) of personal health information. In this post, we outline some strategies for dealing with four high priority types…
20 Years of Red Hat Product Security: From inception to customer experience (Part 1)
From its inception in 2001, the Product Security team has been focused on providing Red Hat’s customers value in a wide variety of ways. Let’s take a look at how Product Security…
U.S. Government issues directive to prioritize fixing exploited CVEs: How Red Hat Insights can help
A new U.S. government directive requires federal agencies to patch known Common Vulnerabilities and Exposures (CVEs). Learn how Red Hat Insights can help you more easily triage and manage CVEs that…
Veeam Ransomware Protection with Red Hat Enterprise Linux as the Immutable Repository
Veeam recently released a new feature called Immutable Repository, which uses Linux as the backup target. In this post, we validate this setup by testing it with Red Hat Enterprise Linux.…
Implementing ANSSI security recommendations for RHEL 7 and 8
Maintaining security for Linux systems can be a complex task, especially as your number of servers and applications increases. In this post, we show you how to harden your Linux systems…
Getting started with Red Hat Insights and OpenSCAP for compliance reporting
Sysadmins trying to keep watch over tens, hundreds, or thousands of systems need tools to help keep them in compliance with policies and security standards. In this post, we’ll look at…
Red Hat Global Customer Tech Outlook 2022: Hybrid and multicloud strategies lead the way as funding priorities hold steady
Results from Red Hat’s annual Global Tech Outlook survey are in, and as in years past we explore what the data reveals about the current state of cloud and organizations’ cloud…
DSE measures and improves DevOps
DSE wants to make sure that their DevSecOps vision is working across the company – to demonstrate, quantifiably, that the changes were having the desired effect. Let’s take a look at…
Technically Speaking series decodes DevSecOps
Liz Rice, Chief Open Source Officer at Isovalent, has a few thoughts on core DevSecOps technologies that can help address these concerns. She joins Red Hat Chief Technology Officer Chris Wright…
Do host firewalls matter in cloud deployments?
Host firewalls play a key role in a defense-in-depth strategy, and they often close gaps in critical network infrastructure. This post covers some potential scenarios where a host firewall could reduce…
How security has changed in the era of cloud computing
Technologies come and go, but one concept has remained at the forefront of IT conversations for decades: Security. While security remains a perennial top priority for IT departments, what it means…
3 focus areas for DevSecOps success
When it comes to adopting DevSecOps, organizations sometimes focus on overarching goals like improving business agility or digital transformation. Such a broad scope can make DevSecOps adoption difficult. Instead, companies might…
DevSecOps tools, culture and misconceptions: Advice from Red Hatters
DevSecOps is an approach to software development and deployment that takes full advantage of the agility and responsiveness of DevOps, but also makes security a shared responsibility that is integrated into…
Runtime Analysis in the Red Hat DevSecOps framework
Runtime analysis consists of security methods to help maintain cluster security hygiene. These methods help you enforce policies, identify behavioral risk, and provide mitigation for running workloads.
Red Hat Insights and the delivery of a new security recommendation
This is one story of how Red Hat Insights created a new recommendation to address a high impact vulnerability that might affect Red Hat customers. Red Hat Insights does this regularly…
Applying DevSecOps practices to Kubernetes: security analysis and remediation
This post explores implementing DevSecOps principles to improve Kubernetes security analysis and remediation across the full development life cycle.
Advanced automation and management of Network Bound Disk Encryption with RHEL System Roles
Network Bound Disk Encryption (NBDE) can help organizations improve security by removing barriers to disk encryption. In this post learn how to use NBDE System Roles to implement high availability and…
Applying DevSecOps practices to Kubernetes: software supply chain
We’ve discussed ways for you to build a DevSecOps culture and start introducing DevSecOps practices to your development workflows. This post expands on this topic and explores how you could apply…
Why distroless containers aren't the security solution you think they are
The concept of distroless is a popular idea in the world of containers – but it’s also poorly understood. Read about some common fallacies of distroless as well as some of…
Network Controls in the DevSecOps life cycle
Network controls and segmentation methods allow you to control, segregate, and visualize Kubernetes traffic. These methods help you isolate tenants and better secure communications flows between containerized applications and microservices.…
Where are you on your DevSecOps journey?
DevSecOps helps organizations secure their software environments with greater speed and at a larger scale – but implementing it can be a challenge. Learn more about how to successfully navigate your…
Watch now: 2021 Red Hat Security Symposium on-demand
In July, Red Hat brought together a group of security experts, partners, and industry peers to discuss some of the hybrid cloud security problems organizations face and solutions to tackle those…
Red Hat's open approach to vulnerability management
Security is at the top of mind for our customers, and understanding the language and practices around security is vital for teams delivering applications and managing infrastructure. Understanding how Red Hat…
Building a DevSecOps culture and shifting security left
Adopting DevSecOps in your organization is all about introducing security into your development process as early as possible. Shifting left means introducing security as far to the left in this software process…
Understanding and verifying security of Diffie-Hellman parameters
There are two methods commonly used to agree on shared secrets: have one party use some long-term asymmetric key to encrypt the secret and send it to the owner of the…
Using RHEL System Roles to automate and manage Network Bound Disk Encryption
Red Hat Enterprise Linux (RHEL) has offered the ability to encrypt disks for many years, but the network bound disk encryption (NBDE) functionality, which can automatically unlock volumes by utilizing one…
Data controls in the DevSecOps life cycle
Data controls help protect data integrity and prevent unauthorized data disclosure for stored data and data in motion. In this post we’ll dive deeper into the concepts of data controls and…
Sigstore: An open answer to software supply chain trust and security
Sigstore is an open source project originally conceived and prototyped at Red Hat and now under the auspices of the Linux Foundation with backing from Red Hat, Google and other IT…
Application analysis in the DevSecOps life cycle
June is application analysis month in Red Hat’s monthly Security series! Beginning in March 2021, the Red Hat Security Ecosystem team has provided an introduction to a DevOps Security topic…
Identity and access in the DevSecOps life cycle
Kubernetes architecture and what it means for security
Kubernetes is a robust yet complex infrastructure system for container orchestration, with multiple components that must be adequately protected. In order to know how to more effectively secure your Kubernetes environments,…
Network-Bound Disk Encryption improvements in RHEL 8
What is Policy-Based Decryption?
Security automation for digital transformation
As organizations are adopting agile and DevOps to improve their processes and products at breakneck speed, security considerations may be left in the dust and digital risks left unmanaged. Therefore, organizations…
Actionable threat intelligence for publicly known exploits for RHEL
As a Product Manager at Red Hat, I speak with customers to understand the challenges they seek to address and recommend Red Hat technologies that can help maximize efficiency and productivity…
DevSecOps compliance: Make your auditor's job easier!
How to accurately match OVAL security data to installed RPMs
Red Hat publishes security data using the Open Vulnerability and Assessment Language (OVAL). Depending on what you have installed, according to the Red Hat and OVAL compatibility FAQ, you’ll need to scan streams for all products installed on your system.…
Compliance clarity with Red Hat Insights
Why audits aren’t enough
Combating security challenges with cloud-native AI-driven architecture
Network security in modern datacenters is primarily focused on the inbound/outbound packet flow, often referred to as north-south traffic.
Shifting left: Davie Street Enterprises implements DevSecOps
Reflections on 2020 security vulnerabilities
What can be said about 2020 that hasn’t been said already? It definitely was a year where things happened and there certainly were several of those things that involved security. Looking…
Red Hat Risk Report: A tour of 2020's branded security flaws
An article from December 2020 reported that 2020 had a record high number of CVEs reported for the fourth year in a row (yet another…
Defense in depth with Red Hat Insights
Vulnerability and patch management can be time-consuming and painful. Standard practices for vulnerability management rely on scanning for vulnerabilities and rescanning to confirm that patches have been applied. Unfortunately,…
Introducing Red Hat Vulnerability Scanner Certification
As container and Kubernetes adoption in production has grown, concerns regarding container security, monitoring, data management and networking remain. In order to address these challenges, organizations must lay a secure…
Understanding Multipath TCP: High availability for endpoints and the networking highway of the future
The days when you used a horse and buggy to travel to town along a dusty, wheel-rutted path are gone. Today’s roadways…
DISA Has Released the Red Hat Enterprise Linux 8 STIG
We are pleased to announce that, in collaboration with Red Hat, the Defense Information Systems Agency (DISA) has published a Security Technical Implementation Guide (STIG) for…
STIG Security Profile in Red Hat Enterprise Linux 7
Red Hat has recently updated the Red Hat Enterprise Linux (RHEL) 7 Security Technical Implementation Guide (STIG) Profile to include more coverage of automated content and improve…
Considering privacy in a work from home world
Data Privacy Day is a celebrated reminder of how to protect your privacy and draw awareness on how to stay safe in a digital world. With a new…
Implementing the ACSC "Essential Eight" baseline for security automation in Red Hat Enterprise Linux
Achieving compliance with a security policy and maintaining compliance can be tedious. At Red Hat, we believe that such things should be…