Red Hat unveils new levels of security for its solutions

Red Hat Inc. announces that its portfolio of open hybrid cloud technologies included a set of new innovations and security capabilities. These innovations, designed to help businesses reduce risk and meet compliance requirements across increasingly complex multiple IT environments that mix cloud services, legacy systems and edge devices, aim to minimize process complexity while helping customers improve their security posture and employ the DevSecOps model.

According to Red Hat’s Global Tech Outlook 2021 report, 45% of respondents place IT security at the top of their funding priorities. However, IT security is not a static demand – regulatory controls, compliance requirements and malicious actors evolve almost daily, requiring near-permanent vigilance from IT security teams. Red Hat has long been a leader in security for enterprise open source solutions, beginning with Red Hat Enterprise Linux, viewing security as a fundamental component, not an add-on. KuppingerCole Analysts recently recognized Red Hat as the global leader in its Leadership Compass for Container Security. According to KuppingerCole’s assessment,

“With a massive market presence and proven expertise in container management, bolstered by the recent acquisition and integration of StackRox, a leading container security company, Red Hat is recognized as the global leader in this Leadership Compass.”Red Hat continues its constant drive to innovate to advance security in hybrid cloud environments, whether on-premises, multi-cloud, or edge, across of the technology lifecycle and the software stack. Better secure the software supply chainSecuring applications from development through the entire lifecycle can be complex and often requires the participation of several components. To simplify the process of implementing security features throughout the build, deploy, and run process, Red Hat will launch a software supply chain security model.

Delivered through Red Hat Openshift, the templates offer complete stacks in code form and define, build, and validate the necessary software configurations. Available in preview, the Software Supply Chain Security Model will assemble the components needed to architect cloud-native applications from trusted components. The model uses a Kubernetes-native pipeline and is continuously integrated through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps for version control, reducing complexity and saving time. Additionally, through Tekton Chains, the model will integrate Sigstore, an open-source project that aims to make cryptographically signing code more accessible. This addition makes it easier to sign artifacts in the pipeline itself rather than after the application has been built. Additionally, the Red Hat Ansible Automation Platform 2.2 includes a technical preview of Ansible content signing technology. This new feature contributes to software supply chain security by enabling automation teams to verify that the automation content running in their enterprise is verified and trusted. data center at the edge as enterprises adopt cloud-native architectures, their fundamental needs for hardened environments, smaller attack surfaces, and faster detection and response to threats remain similar. Applications that operate outside of traditional computing environments, including at the edge, thus introduce additional security requirements, which further magnify the complexity of these challenges. Beyond physical device security requirements, CIOs and IT decision makers are increasingly seeing the need to protect containerized workloads running on these devices. Implementing strategies and capabilities to prevent the lateral movement of potential attacks or breaches through edge deployments could be a case in point. Red Hat Advanced Cluster Security for Kubernetes provides a ready-to-deploy answer to these concerns, with key capabilities to protect edge workloads, such as:

Automated DevSecOps in the CI/CD pipeline to help protect the software supply chain in edge environments through vulnerability management, application configuration scanning, and CI/CD integration.

Threat protection that provides runtime threat detection and incident response capabilities for common threats.

Network segmentation to enforce workload isolation, analyze container communication, and detect risky network communication paths.

Built-in security starts with the operating system In its 2022 board survey, Gartner® found that 88% of board members ranked cybersecurity as a business risk, while only 12% considered it a technology risk.1The far-reaching ramifications of a cyberattack or data breach have led to heightened scrutiny of IT environments, both by investors and regulators. It is therefore essential to fortify IT environments against these potentially damaging incidents; Red Hat believes this effort begins at the operating system, which is highlighted by Red Hat Enterprise Linux. Red Hat Enterprise Linux 9 introduces integrity measurement architecture (IMA) digital hashes and signatures, a process that gives users the means to verify the integrity of the operating system using digital signatures and hashes. It also helps detect malicious changes throughout the infrastructure, making it easier to limit the potential for system compromise. Additional key security features in Red Hat Enterprise Linux 9 include: Stronger security around root privileges by disabling root login via SSH by default. This helps prevent discovery of root passwords by brute force attacks and improves basic security postures of an operating environment.Support for the latest cryptographic frameworks with integration of OpenSSL 3, which allows IT teams to implement new encryption algorithms to encrypt and protect sensitive information.Enforce security best practices by disabling the cryptographically broken SHA-1 hash function for digital signing by default , which improves security hygiene. Additionally, Red Hat and IBM Research are collaborating to extend core security aspects of the Linux kernel, including support for signing and verifying elliptic curve digital signatures . This work expands the supported algorithms and reduces the size of digital signatures used in the Linux kernel.

Availability: The software supply chain security model is expected to be available in Q2 2022. Red Hat Enterprise Linux 9 will be available in the coming weeks.

We would love to give thanks to the author of this write-up for this incredible material

Red Hat unveils new levels of security for its solutions

You can find our social media accounts as well as the other related pages