Red Hat Blog

<p><span><span><span><span><span><span>The OpenSSL project published </span></span></span></span></span></span><a href="https://www.openssl.org/news/secadv/20221101.txt"><span><span><span><span><span><span><span><span>two important impact security flaws</span>

<p><span><span><span><span><span><span>Vulnerabilities in software are a global concern, and open source software is no different from proprietary software in this regard. Any software vulnerability has the potential to be exploited by miscreants to harm its user. Whether this is on-premises, in the cloud, or on your mobile device, vulnerabilities in software make headlines (for good reason).</span></span></span></span></span>&a

A few months ago, I wrote my first blog for Red Hat: Getting a list of fixes for a Red Hat product between two dates is easy with daysofrisk.pl

Last quarter, I introduced the issue where our existing public key cryptography algorithms are vulnerable to a potentially new form of computers called quantum computers. In this article I introduce one of the better understood potential replacements: Hash-based signatures.

Red Hat's products are distributed through numerous methods, including RPMs, ISOs and zip files. Over the past several months, we have been working across the organization to design and implement a plan to provide signatures for all zip file types so that our customers have greater assurance that Red Hat actually creates the products they receive. This work is essential to our customers' trust in Red Hat and our products.

Container and Kubernetes adoption brings the promise of faster application development and delivery at larger scales -- however, it also brings with it new security challenges. Protecting cloud-native applications can require significant changes in how organizations approach IT security. They need to apply controls earlier in the application development lifecycle, use existing infrastructure to apply and enforce these controls, keep up with increasingly rapid release schedules, and more.

Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying security and performance risks, tracking licenses and managing costs.

Red Hat leads the tech industry's cutting edge practices for the resolution of cybersecurity issues. Red Hat does this by providing relevant and accessible information and enabling the larger community to make well-informed decisions about security issues.

Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies.

The Red Hat Enterprise Linux (RHEL) web console provides a web-based graphical interface for managing and monitoring systems. The web console can be used to complete a wide variety of tasks, such as managing storage, users, the firewall, monitoring performance metrics, reviewing log files, installing system updates and many others.