Category: Red Hat Security

Today we’re excited to announce a new mechanism for admins to safely and easily customize an operating system deployment with highly refined needs while taking full advantage of the automation and power provided by Red Hat OpenShift. This means you…

Read more →

Red Hat Enterprise Linux 9.4 introduces the ability for centrally managed users to authenticate through passwordless authentication with a passkey, meaning it’s an enterprise Linux distribution with Fast Identity Online 2 (FIDO2) authentication for centrally managed users! This is all…

Read more →

The Marvin Attack is a new side-channel attack on cryptographic implementations of RSA in which the attacker decrypts previously captured ciphertext by measuring, over a network, server response times to specially crafted messages. The attacker also may forge signatures with…

Read more →

In a previous Red Hat article, VP of Red Hat Product Security, Vincent Danen, discussed the question “Do all vulnerabilities really matter?” He emphasized that “a software vulnerability has the potential to be exploited by miscreants to harm its user.”…

Read more →

It is hard to imagine any modern computer system that hasn’t been improved by the power of artificial intelligence (AI). For example, when you take a picture with your smartphone camera, on average more than twenty deep learning (DL) models…

Read more →

ANSSI, the National Cybersecurity Agency of France (Agence nationale de la sécurité des systèmes d’information), provides a configuration guide for GNU/Linux systems. It’s identified as ANSSI-BP-028 (formerly known as ANSSI DAT NT-028). Recently, ANSSI published an update of its ANSSI-BP-028…

Read more →

A lot of organizations use Red Hat Ansible Automation Platform to orchestrate their infrastructure and Hashicorp Vault to manage their secrets. But how do they work together?HashiCorp Vault is a powerful tool for managing secrets, providing a centralized platform for…

Read more →

In the last few years, several Red Hat customers have asked how to add a Web Application Firewall (WAF) to the OpenShift ingress to protect all externally facing applications.A WAF is a Layer 7 capability that protects applications against some…

Read more →

Changing systems passwords is a common task that all systems administrators must do to keep up with all the latest security policies. Now with secrets being managed by the secrets management system, we need a way to integrate with that…

Read more →

The concept of security by design, which includes the concept of security by default, is not new. In fact, secure by design is considered one of the fundamental principles of secure development. In general, we say there is security by…

Read more →

The Kentik Collection is now Red Hat Ansible Certified Content, and is available on Ansible automation hub. The highlight of this is Event-Driven Ansible, an event source plugin from Kentik to accept alert notification JSON. This works in conjunction with…

Read more →

How to get started with automated policy as code: Start small but think BIG.A policy enforcement feature is coming to future versions of Red Hat Ansible Automation Platform. This blog provides more detail around where we’re heading with this exciting…

Read more →

Veeam Backup and Replication is a backup, recovery and data management platform that modernizes data protection for cloud, physical and virtual environments. In this post we’re going to look at using Veeam as part of a strategy to guard against…

Read more →

Recently we announced that Red Hat Insights along with Red Hat OpenShift on AWS GovCloud has achieved Federal Risk and Authorization Management Program (FedRAMP®) Agency Authority to Operate (ATO) at the High Impact Level.We delved down a bit further into…

Read more →

Recently we announced that Red Hat Insights along with Red Hat OpenShift on AWS GovCloud has achieved Federal Risk and Authorization Management Program (FedRAMP®) Agency Authority to Operate (ATO) at the High Impact Level.We delved down a bit further into…

Read more →

As Kubernetes becomes increasingly integral to production environments, cyber adversaries are likewise becoming more skilled in cloud-native exploitation. According to the CrowdStrike 2024 Global Threat Report, cases involving exploitation of cloud services increased by 110% in 2023, far outpacing non-cloud…

Read more →

Architecting, deploying, and managing hybrid cloud environments can be a challenging and time-consuming process. It starts with processor selection, operating system configuration, application management, and workload protection, and it never ends. Every step requires a reliable, trusted software foundation with…

Read more →

Here at Red Hat, we’ve spent over a decade building up the power of Red Hat Insights, making it one of the most valuable pieces of technology included in your Red Hat subscription. We’ve integrated with industry-leading technologies like IBM…

Read more →

Many organizations face numerous challenges when modernizing their applications or migrating from on-premises applications to cloud-native microservices. This can include challenges such as deploying and managing their applications at scale, increased network complexity, managing costs and ensuring security.Red Hat and…

Read more →

Red Hat and the National Institute of Standards and Technology (NIST) are pleased to announce our third annual Cybersecurity Open Forum – Improving the Nation’s Cybersecurity. On April 24, 2024, cybersecurity experts will gather in Washington, D.C., to share best…

Read more →