Red Hat Blog

Non-human identities—also known as machine or workload identities—are becoming increasingly critical as organizations adopt cloud-native ecosystems and advanced AI workflows. For workloads spanning multiple cloud platforms, adhering to zero trust principles becomes challenging as they cross identity domains. A unified identity framework provides consistency in automating identity issuance and enforcing access control policies across diverse environments. SPIFFE/SPIRE, an open source identity issuance framework, enables organizations to implement centralized, scalable identity management on

Het containerplatform Red Hat OpenShift heeft glansrijk een Data Protection Impact Assessment (DPIA) doorstaan. Deze DPIA is door een onafhankelijke partij uitgevoerd in opdracht van Strategisch Leveranciersmanagement Rijk (SLM Rijk). Dit diepgaand technisch onderzoek naar eventuele privacyrisico’s werd doorlopen na de recente ondertekening van een strategische overeenkomst tussen Red Hat en SLM Rijk, die het voor Nederlandse Rijksoverheidsinstanties makkelijker maakt om gebruik te maken van de open source-technologie en dienstverlening van Red Hat. Een DPIA is een belangrijk instrument om e

In hybrid and multicloud environments, proper management of sensitive data-like secrets, credentials and certificates is critical to maintaining a robust security posture across Kubernetes clusters. While Kubernetes provides a Kube-native way to manage secrets, it’s generally understood that Kubernetes secrets are not particularly secret: they are base64 encoded and are accessible to cluster administrators. Additionally, anyone with privileges to create a pod in a specific namespace can access the secrets for that namespace. While at-rest protection can be provided by encrypting sensitive da

Artificial intelligence (AI) workloads are revolutionizing the industry, impacting healthcare, finance services, national security and autonomous systems. As part of this revolution, organizations are increasingly moving their AI workloads to the cloud, taking advantage of its scalability, flexibility and cost-effectiveness. Of course this transition to the cloud brings new challenges around data privacy, intellectual property and regulation compliance. Existing virtual machines (VMs) provide isolation between workloads, but they cannot protect workloads from privileged users and software com

Security leaders must address both internal and external risks, ranging from sophisticated cyberattacks to insider threats. At the same time, they must also adhere to an ever-growing list of regulations, including the General Data Protection Regulation (GDPR), the EU Cyber Resilience Acts (CRA) and industry-specific mandates like Payment Card Industry Data Security Standard (PCI DSS) and the Digital Operational Resilience Act (DORA). Balancing these concerns requires a strategic approach that integrates security and compliance without compromising operational efficiency.External threatsCybercr

Software supply chain security has become more relevant in the last decade as more and more organizations consume, develop and deploy containerized workloads. Software is inherently complex so an analogy concerning an area of life that we can all relate to should help. Here's a conversation about cooking lasagna!“Do you need any help?”“No, it's fine. I have done this a thousand times, thanks.”“That meat packaging is unusual. It’s just a thin plastic bag. Where did you get that?”“It was a bargain. A young chap knocked the door earlier and said he was selling meat. He had a coole

IBM recently released their 2025 X-Force Cloud Threat Intelligence Index Report.Within the report and in collaboration with Red Hat Insights, “IBM X-Force found that more than half of Red Hat Enterprise Linux customers' environments had not deployed a patch for at least one critical CVE in their environment, and 18% had not patched five or more. At the same time, IBM X-Force found the most active ransomware families (e.g., Akira, Clop, Lockbit and RansomHub) are now supporting both Windows and Linux versions of their ransomware.”Red Hat Insights can help you better understand your overall

Security is an ongoing engineering discipline, it's not just a reaction to a crisis. For example, if you were responsible for a large suspension bridge, you would know that cracks don’t appear overnight. They start as small stress fractures, invisible to the untrained eye. If ignored, these weaknesses eventually lead to structural failures. That’s why regular maintenance, checking for early signs of wear, reinforcing weak points, and applying protective coating is crucial.Security vulnerabilities in IT are often presented like bridge failures that make news headlines. These issues require

Version 1.15.1 might feel like a run-of-the-mill new release of cert-manager Operator for Red Hat OpenShift but actually it features more than a few notable enhancements to improve the security posture of your OpenShift clusters. This exciting release improves the overall security posture of your OpenShift clusters, and expands upon your ability to protect your cluster networking communications with TLS certificates managed by cert-manager. The release of Red Hat OpenShift 4.18 emphasises zero trust architecture, and introduces as Technology Preview, the powerful istio-csr agent via cert-manag

Open source software is the backbone of the modern technology landscape. Enterprises small and large, across industries, rely on open source projects to power critical applications and infrastructure. With the rise of AI-driven code generation tools, developers have a whole new frontier to explore. But while AI-generated contributions might supercharge productivity, they also raise new concerns around security, safety and governance. Below we explore the dynamics of open source projects, how AI-generated code can influence enterprise software and what considerations and best practices you shou