Red Hat Blog

As organizations continue to accelerate digital transformation in the cloud, customers are looking for ways to enhance safeguards for sensitive workloads, especially those in highly regulated industries. As such, confidential computing has become an increasingly prominent way to protect workloads by providing an isolated, hardware-encrypted environment based on a zero-trust security model. To help address this need, we are pleased to announce the general availability of confidential containers on Microsoft Azure Red Hat OpenShift, expected to be delivered in the coming weeks. This feature give

We are thrilled to announce the general availability of Red Hat OpenShift Service Mesh 3.2. This release includes the general availability of Istio’s ambient mode—a new way of deploying service mesh without sidecars that significantly lowers the resource costs of using service mesh. This provides a low overhead solution for zero trust networking with lightweight pod-to-pod mTLS encryption and authorization policies based on workload identities, with the ability to add more advanced features as required.Based on the Istio, Envoy, and Kiali projects, this release updates the version of Istio

We’ve been dedicated to advancing Red Hat Advanced Cluster Security for Kubernetes in line with the rapid evolution of Kubernetes security. With version 4.9, we’re introducing key integrations and updates designed to help streamline your workflows. To that end, we’ve improved our ability to integrate with other tools and services, enhanced visibility into operations, and begun the work of bringing virtual machines (VMs) into our scope of reporting and scanning. Red Hat Advanced Cluster Security Integration with ServiceNowA significant highlight of Red Hat Advanced Cluster Security 4.9 is

The software supply chain has evolved dramatically in recent years. Today's applications integrate countless components—from open source libraries and container images to AI models and training datasets. Each element represents a potential security risk that organizations must understand, verify, and continuously monitor. As supply chain attacks increase in frequency and sophistication, enterprises need comprehensive solutions that provide both artifact integrity and deep visibility into their software dependencies.Red Hat's latest releases of Red Hat Trusted Artifact Signer 1.3 and Red Hat

Are you excited to try out post-quantum cryptography in Red Hat Enterprise Linux (RHEL), but you haven't yet upgraded to RHEL 10? Our efforts to ensure that you're ready to make the switch, and to prepare your organization for "Q-Day", now start with RHEL 9.7. By getting started now, you can proactively begin strengthening your security posture and preparing for a seamless transition to RHEL 10.RHEL 9 was released in 2022 and was an important step forward from a security perspective. It was the first version of RHEL that received FIPS 140-3 certification, matching current security requirement

The age of quantum computing is on the horizon, and with its immense processing power comes a significant threat to the cryptographic foundations of our digital world. In this article, we'll explore the emerging support for post-quantum cryptography (PQC) in Red Hat OpenShift 4.20, focusing on how it enhances the core components of the Kubernetes control plane: the apiserver, kubelet, scheduler, and controller-manager. Missing is etcd, using an older version of Go.The quantum threatToday's widely used public-key cryptosystems, such as RSA and elliptic curve cryptography (ECC), form the foundat

Deploying cutting-edge AI in U.S. government environments can present a formidable challenge. While the power of accelerated computing is essential for modern workloads, the path to achieving an Authority to Operate (ATO) is paved with the complex and time-consuming demands of applying controls such as the Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs). This crucial security hardening process can be a manual, painstaking effort that creates friction between development teams and security mandates, slowing innovation.Today, Red Hat is reducing tha

The most common task facing system administrators is patching infrastructure. It's time consuming, it requires coordination with application teams and stakeholders, and it often must happen in segments over time. These complications make it difficult to maintain environmental consistency, which in turn can lead to instability, performance issues, and more time spent by operations staff. Using Red Hat Insights content templates to patch Red Hat Enterprise Linux (RHEL) helps limit the complexity of these activities while also increasing consistency across an IT estate.Define, instruct, and patch

You’ve trained the model, packaged it on Red Hat OpenShift AI, and it’s ready to work. The next move is exposing it through an API so people and applications can use it. At that moment, your model stops being an internal experiment and becomes a front-door service. And like any front door, somebody is going to knock … sometimes it’s the right user, sometimes not.Your model is no longer just a project in a lab: it’s a production endpoint. And like any endpoint, it’s a target. How do you ensure that only the right applications and users are interacting with it? How do you protect the

These are exciting times for AI. Enterprises are blending AI capabilities with enterprise data to deliver better outcomes for employees, customers, and partners. But as organizations weave AI deeper into their systems, that data and infrastructure also become more attractive targets for cybercriminals and other adversaries.Generative AI (gen AI), in particular, introduces new risks by significantly expanding an organization’s attack surface. That means enterprises must carefully evaluate potential threats, vulnerabilities, and the risks they bring to business operations. Deploying AI with a