Red Hat Blog

In confidential computing environments, attestation is crucial in verifying the trustworthiness of the location where you plan to run your workload or where you plan to send confidential information. Before actually running the workload or transmitting the confidential information, you need to perform attestation.This blog provides an overview of the components implemented in the confidential containers (CoCo) to support the IETF RATS model (Remote ATtestation procedureS Architecture). The components include the Attestation Service (AS), Key Broker Service (KBS), Reference Value Provider Servi

What is Ansible Lightspeed?Red Hat Ansible Lightspeed, armed with the formidable watsonx Code Assistant, leverages generative artificial intelligence (AI) to transform user prompts into code recommendations built on Red Hat Ansible Automation Platform best practices. Merging the realms of AI and Information Technology (IT), Red Hat Ansible Lightspeed can be used to enhance the productivity of automation developers and extend trust in the automation codebase.Leveling up the code with Red Hat’s Secure Development LifecycleRed Hat’s Secure Development Lifecycle (RH-SDL) focuses on software de

Updated March 30, 2024: We have determined that Fedora Linux 40 beta does contain two affected versions of xz libraries - xz-libs-5.6.0-1.fc40.x86_64.rpm and xz-libs-5.6.0-2.fc40.x86_64.rpm. At this time, Fedora 40 Linux does not appear to be affected by the actual malware exploit, but we encourage all Fedora 40 Linux beta users to revert to 5.4.x versions.Editor's note: This post has been updated to more clearly articulate the affected versions of Fedora Linux and add additional mitigation methods.Yesterday, Red Hat Information Risk and Security and Red Hat Product Security learned that the l

Red Hat Insights is a SaaS (Software as a Service) offering from Red Hat that centralizes different tools and technologies to help analyze and remediate systems, platforms, and applications. It helps you keep your infrastructure compliant with best practices and security profiles, while also offering cost management and cluster update risks analysis.Insights is available for Red Hat Enterprise Linux, Red Hat Ansible Automation Platform, and Red Hat OpenShift at no additional cost with the associated subscriptions.Insights for OpenShiftRed Hat Insights is present by default in each OpenShift cl

The Quay team is excited to announce that Red Hat Quay 3.11 will be generally available this month. This release will introduce updates to permission management and image lifecycle automation automation for more effective management at scale. Significant updates include:Team-sync with OIDC groupsPruning policies at the repository levelMore Quay feature coverage in the new UIGeneral AWS STS supportQuay operator enhancementsIncreased control across user groupsWith Quay 3.11, users can manage permissions based on groupings defined in an OIDC provider (e.g. Azure Active Directory Service). Quay ad

We are pleased to announce the release of Red Hat OpenShift Service Mesh 2.5. OpenShift Service Mesh is based on the Istio and Kiali projects, and is included as part of all subscription levels of Red Hat OpenShift. OpenShift Service Mesh 2.5 updates the underlying version of Istio to 1.18 and Kiali to 1.73.This release includes updates from Istio 1.17 and 1.18 including subsequent patch releases up to Istio 1.18.7. Most notably, this includes support for Certificate Revocation Lists for external traffic, “developer preview” support for dual-stack IPv4/IPv6, and updates to Gateway API. Thi

The Red Hat Advanced Cluster Security (RHACS) engineering team is excited to announce the pending release of the latest RHACS version, packed with brand-new features and updates. The team continues to build on the 4.0 major release and RHACS Cloud Service announcements last year with a feature-packed release to kick off 2024. The RHACS 4.4 release will focus on increased consistency of scan results, strengthened security posture management, and more automated security features to alleviate monotonous security tasks.Significant updates include:A new vulnerability scanner termed “Scanner V4”

We’re pleased to announce that the Red Hat FedRAMP offering, which includes Red Hat OpenShift Service on AWS (ROSA), has obtained the “Ready” designation from the FedRAMP Joint Authorization Board (JAB). This means that Red Hat is now listed on the FedRAMP Marketplace as actively pursuing JAB authorization, with additional updates showing our progress and achievements across the two paths for authorization: The existing Agency Authority to Operate (ATO) listing and a separate listing for the JAB path. This is the next major milestone from our August 2023 update, where Red Hat was priorit

Artificial intelligence (AI) has been evolving as one of the top priorities for organizations because of the increasing volume of data being generated from core data centers to the edge. Similarly, the adoption of Kubernetes in the past 10 years has resulted in improved scalability, reliability and business resilience.While Kubernetes has resulted in immense benefits, operational management and security continue to be challenging. Managing software supply chain integrity, monitoring the security of container images and runtime environments and enforcing compliance policies can be overwhelming.

Public clouds provide geo resilience in addition to being cost-effective when compared to on-premise deployments. Regulated industries such as the Financial Services Industry (FSI) traditionally have been unable to take advantage of public clouds since FSI is highly regulated from a security and resiliency standpoint.Confidential computing (CC) and specifically confidential containers (CoCo) in the cloud provide data protection and integrity capabilities, facilitating the migration of financial workloads to the cloud.In this blog we will look at the Financial Services Industry and how it can d