Red Hat Blog

In a landscape where cyber threats evolve daily, the Defense Information Systems Agency’s (DISA) Enterprise Patch Management System (EPMS) plays a critical role in maintaining the cybersecurity of the Department of Defense (DoD). EPMS is not just a tool—it's a strategy, bridging software, efficiency and innovation to enhance the security posture of critical systems.The Importance of EPMSEPMS addresses a core cybersecurity challenge: verifying that all systems are consistently patched against known vulnerabilities. With cyber adversaries growing more sophisticated, leaving any endpoint exp

IT security is no longer the responsibility of a single, specialized team. To help protect your organization from growing cyber threats, IT security should be a priority for everyone. By integrating security processes and functions into every stage of the software development lifecycle, you not only better protect your products but you also build trust with your users. Here's how you can democratize security processes and make it a shared responsibility across your organization, while giving your developers what they need to create applications quickly.Software supply chain security tools and

The sheer amount of technologies today has created a massive boom in innovation, allowing organizations globally to create software in a variety of ways. While having numerous technologies to create software is advantageous, it also presents a challenge—managing the complexity of using so many tools and technologies.Platform engineering is an emerging practice to help organizations streamline their tools and infrastructure into a single cohesive point, known as an internal developer portal(IDP). The goal is to consolidate technologies, knowledge and best practices to boost overall productivi

When I joined Red Hat in 2019, one of the first blogs that I read was titled “Why CVSS does not equal risk: How to think about risk in your environment”. In summary, it explains why CVSS ≠ Risk: Common Vulnerability Scoring System (CVSS) scores measure the severity of vulnerabilities but don’t capture the unique risks they pose to specific environments. Risk is context-dependent, and organizations must consider factors like exploitability, impact and mitigation to tailor vulnerability management to their needs.Today, many organizations are still measuring the security of their environm

In this article, you’ll learn about the Performance Co-Pilot (PCP) tool and how we take advantage of it to implement system and application monitoring for Red Hat Ansible Automation Platform.What is Performance Co-Pilot (PCP)PCP is an open source performance monitoring and analysis framework developed by Red Hat. It provides a suite of tools, libraries and services to monitor, retrieve and analyze performance metrics from different systems, services and applications. PCP is designed for scalability, enabling it to monitor anything from a single server to a large, distributed network of machi

Introducing new connectivity optionsFollowing the announcement of Red Hat Insights proxy in technology preview, we are pleased to announce that this service is now generally available.Red Hat Insights proxy helps streamline the connectivity between your environment and Red Hat’s powerful Insights services. It acts as a lightweight proxy, enabling you to access various lifecycle and security services for Red Hat Enterprise Linux (RHEL) without directly connecting RHEL hosts.Value of Red Hat Insights proxy:The proxy simplifies network connectivity through efficient integration, so that all tra

Confidential Containers (CoCo) are containers deployed within an isolated hardware enclave protecting data and code (data in use) from privileged users such as cloud administrators. Red Hat OpenShift confidential containers are available from OpenShift sandboxed containers 1.7.0 as a tech-preview on Azure cloud and as a tech-preview on Azure Red Hat OpenShift.In this article we introduce confidential containers on bare metal which is now available as a preview using Assisted Installer for OpenShift. We cover a number of use cases for CoCo bare metal, explain how it works with different trusted

Red Hat en het Strategisch Leveranciersmanagement Rijk (SLM Rijk) hebben een Master Agreement ondertekend. Deze overeenkomst maakt het Nederlandse Rijksoverheidinstanties makkelijker om gebruik te maken van de software en diensten van Red Hat. Met behulp van deze nieuwe overeenkomst wil Red Hat innovatie binnen Nederlandse Rijksoverheidsinstanties versnellen met open source platforms die beter kunnen integreren met hybride cloud-omgevingen.SLM Rijk bundelt de onderhandelingskracht van de Rijksoverheid als geheel. Dit zorgt voor meer voorspelbare en gunstige voorwaarden en bevordert de kostenef

Unless you have been gifted with a photographic memory, this is likely going to sound very familiar. Picture it: You’re away from your desk and you need to access one of your apps from your phone. You attempt to sign in and get the dreaded message: “the username and password entered do not match our records.” Thus begins the time-consuming process of requesting a password reset, including coming up with a new password that doesn’t match something you’ve already used in the past. Despite the frustration you feel, passwords have been the cornerstone of keeping our online data secure fo

In my experience as a sysadmin, I have often found network connectivity issues challenging to troubleshoot. For those situations, tcpdump is a great ally.Take the course: Getting started with Linux fundamentalsTcpdump is a command-line utility that allows you to capture and analyze network traffic going through your system. It is often used to help troubleshoot network issues, as well as a security tool.A powerful and versatile tool that includes many options and filters, tcpdump can be used in a variety of cases. Because it's a command-line tool, it is ideal to run in remote servers or device