Source
Red Hat Blog
Security considerations are even more important today than they were in the past. Every day we discover new vulnerabilities that impact our computer systems, and every day our computer systems become more complex. With the deluge of vulnerabilities that threaten to swamp our security teams, the question, "How much does it matter?" comes quickly to our minds. This question, "Does it matter?", has two parts:
As a Technical Account Manager (TAM) one of the best parts of the job is the regular contact with our customers, talking to them frequently and helping them solve interesting problems. One of our customers came to me with an interesting challenge. The team creates a new Gold Image every month and they wanted to provide release notes for the image, automatically generating a list of CVEs that had been fixed in this version of the image.
In an earlier blog I walked you through the process of using the Red Hat Enterprise Linux (RHEL) and Red Hat Insights Compliance service to: Create compliance policies
Automation can help increase efficiency, save time and improve consistency, which is why Red Hat Enterprise Linux (RHEL) includes features that help automate many tasks. RHEL System Roles are a collection of Ansible content that helps provide more consistent workflows and streamline the execution of many manual tasks.
Red Hat is excited to announce that Red Hat Advanced Cluster Security for Kubernetes is now available as an open source project: StackRox.
Kubernetes is the de facto standard when it comes to container orchestration and management at scale, but adoption is only one piece of Kubernetes strategy. Security plays a huge role in how organizations use cloud-native technologies, and is typically much trickier to address than simply spinning up and running containers.
Are your edge computing systems secure? A simple question with a potentially complicated answer. This is because many engineering teams combine Red Hat Enterprise Linux with decoupled applications thanks to containerization technologies. But with so many changes happening across your organization, it can be hard to scale your infrastructure.
After extensive testing on RHEL 8.2, 8.4, 8.6 and 9 using the SAP HANA validation test suite, Red Hat’s engineering team concluded that SELinux can run in Enforcing mode with minimal impact to database performance. This is important because it means that RHEL customers will be able to apply higher security levels to their hosts running SAP HANA and tailor the policies to their needs.
Supply chain disruptions, intellectual property theft and the rising cost of data breaches are among the top reasons for a drastic increase in global focus on cybersecurity compliance.
One of the most important security changes for OpenSSH in Red Hat Enterprise Linux (RHEL) 9 is the deprecation of the SCP protocol. These are the changes that we have implemented: The scp command line tool uses the SFTP protocol for file transfers by default.