Red Hat Blog

Here at Red Hat, we’ve spent over a decade building up the power of Red Hat Insights, making it one of the most valuable pieces of technology included in your Red Hat subscription. We’ve integrated with industry-leading technologies like IBM X-Force, we’ve grown invaluable data sets from our own support cases, and we’ve extended our reach to deliver Insights wherever you work. See What the Insights portfolio can do for you.One thing that's been a blocker for US government customers and contractors has been FedRAMP. But that's a blocker no more! Through a long process of sponsorship, d

Red Hat and Intel are collaborating on a joint solution that more seamlessly integrates Intel® IPU with Red Hat OpenShift, propelling cloud and edge computing into a new era of performance and scalability.The solution brings together Intel’s latest leading programmable network device, the Intel® Infrastructure Processing Unit (Intel® IPU) E2000 Series with Red Hat OpenShift. This solution, shown in the following diagram, is designed for performance at scale under real world workloads and opens up a wide array of use cases through the ability to flexibly service chain network functions at

As Kubernetes becomes increasingly integral to production environments, cyber adversaries are likewise becoming more skilled in cloud-native exploitation. According to the CrowdStrike 2024 Global Threat Report, cases involving exploitation of cloud services increased by 110% in 2023, far outpacing non-cloud cases, which grew only 60% year-over-year.CrowdStrike helps organizations stay ahead of these evolving adversaries by providing breach prevention solutions that span endpoints, Kubernetes, clouds, data and identity in the consolidated CrowdStrike Falcon® platform.This article talks about t

Architecting, deploying, and managing hybrid cloud environments can be a challenging and time-consuming process. It starts with processor selection, operating system configuration, application management, and workload protection, and it never ends. Every step requires a reliable, trusted software foundation with a comprehensive set of features and capabilities to fuel optimal performance, greater consistency, and enhanced security capabilities for your environment. With new features in Red Hat Enterprise Linux 9.4 (RHEL), you can speed-up and simplify many infrastructure life cycle operations

March 29, 2024 is a day that will hardly be forgotten by the open source community: Andres Freund disclosed his findings about the compromise in the xz compression library, which would enable an attacker to silently gain access to a targeted affected system. How did that coordination work under the hood? In this article we will give a behind the scenes glimpse into what this looked like at Red Hat.DiscoveryOn Wednesday, March 27, Andres contacted the Debian security team via their contact email ([email protected]) and let them know about the oddities he found in a SSH slowdown when using a n

Artificial intelligence (AI) is being introduced to just about every facet of life these days. AI is being used to develop code, communicate with customers, and write in various media. Cyber security, particularly product security is another place AI can have a significant impact. AI is being built into security tools, and, on the flip side, into the realm of exploitation. AI is now mainstream and won't be going away anytime soon, so security professionals need to learn how to best use it to help enhance the security of their systems and products.AI and its implications for securityThe term "a

Many organizations face numerous challenges when modernizing their applications or migrating from on-premises applications to cloud-native microservices. This can include challenges such as deploying and managing their applications at scale, increased network complexity, managing costs and ensuring security.Red Hat and F5 are collaborating to deliver enhanced networking and security services using Red Hat OpenShift to deploy technology from F5 Distributed Cloud. This technical collaboration aims to provide organizations with a more seamless multi and hybrid cloud application experience, prov

Red Hat and the National Institute of Standards and Technology (NIST) are pleased to announce our third annual Cybersecurity Open Forum – Improving the Nation’s Cybersecurity. On April 24, 2024, cybersecurity experts will gather in Washington, D.C., to share best practices and strategies for successfully navigating the evolving cybersecurity landscape. As threats evolve in sophistication and scale, government and industry must adapt swiftly and effectively to protect data and infrastructure.Attendees will learn about the nature of cybersecurity vulnerabilities, strategies to enable protect

As of Jun 30, 2024, the Red Hat Enterprise Linux (RHEL) 7 maintenance support 2 phase ends and Red Hat will no longer update compliance content for RHEL 7. Many policy providers, such as CIS and DISA, will no longer update their policies once maintenance ends.When this support phase ends, you can expect:The RHEL 7 scap-security-guide package will no longer be updated. You can continue to use the content provided after Jun 30, 2024. The content is mature, stable, and still suitable for use by Extended Update Support (EUS) customers after the end of maintenance, however as mentioned before there

Red Hat uses a four-point impact scale to classify security issues affecting our products. Have you ever asked yourself what it takes and what the requirements are for each point of the scale? We will talk through the highlights of our process in this article.Is this a CVE?First and foremost, what is a CVE? Short for Common Vulnerabilities and Exposures, it is a list of publicly disclosed computer security flaws. Learn more in this Red Hat post.To receive a severity rating, the issue needs to be a CVE. But what does it take to be a CVE? In order to warrant a CVE ID, a vulnerability has to comp