Red Hat Blog

This is the first in a series of three blog posts focusing on United Kingdom Critical National Infrastructure (CNI) cybersecurity. Part 1 will focus on giving readers an overview of the problem space that CNI organizations face, Part 2 will explore the critical areas of People and Processes, and finally, Part 3 will concentrate on technology and identify where CNI organizations can reduce their risk through Red Hat technology, training, and services. All organizations across the globe are feeling the effects of increased cybersecurity attacks. Along with the growing number of attacks, the c

Our previous blog discussed the persistent volume challenges with peer-pods and how to resolve them. It also introduced using the CSI wrapper as a potential solution to the persistent volume usage challenges with peer-pods. This post dives deeper into the various components that make up the persistent volume solution in peer-pods. Interpreting the CSI plugins in peer-pods To use persistent volumes in peer-pods, intercept the CSI Plugins in the control plane (CSI Controller Plugin) and worker node (CSI Node Plugin) through the CSI Wrapper approach. With the CSI Wrapper injected into C

A lot of system administrators within the Department of Defense already use the Advanced Intrusion Detection Environment (AIDE). This is mainly because of a Security Technical Implementation Guide (STIG) that states that a file integrity checker must be configured to verify extended file attributes. There are a lot of features to AIDE, and the combination of using AIDE with Red Hat Ansible Automation Platform gives you the ability to automate important corrections to your system configuration. Telling AIDE what to check AIDE can be configured to check multiple file and folder attributes.

Peer-pods, also known as the Kata remote hypervisor, enable the creation of Kata Virtual Machines (VM) on any environment, be it on-prem or in the cloud, without requiring bare metal servers or nested virtualization support. This is accomplished by extending Kata containers runtime to manage the VM lifecycle using cloud provider APIs (e.g., AWS, Azure) or third-party hypervisor APIs (such as VMware vSphere). Since peer-pods are separate VMs alongside the Kubernetes node, traditional Container Storage Interface (CSI) cannot function properly within them, and different solutions are required.

Red Hat Ansible Automation Platform is a platform for implementing enterprise-wide automation, which makes it an ideal tool for your security audits. Security has many layers, but this article focuses on mitigating SSH attacks on managed hosts. While you can't eliminate all security risks, you can harden managed hosts to minimize some of them (especially brute force attacks), and mitigate others (by allowing SSH connections only from authorized hosts, enforcing sudo, and so on). This article uses Ansible Automation Platform, but most of the hardening configuration is applied to the managed hos

Edge computing has grown from being a niche use case in a handful of industries to offering a major opportunity for enterprises across industries to spread compute power around the world (or universe, as in the case of workloads in space). Edge computing slashes latency times by processing data where the data is being collected, or when it might otherwise be impossible to process because a workload or piece of hardware is disconnected from the network. But when you consider any advanced technology, the question of security and data protection is always top of mind. This is especially true f

Maintaining compliance to cybersecurity standards can be a daunting task, but you can mitigate that by using Red Hat Insights. With the latest feature update, the Red Hat Insights Compliance reporting service now allows you to edit the rules in your policies to meet your organization's requirements, giving you visibility and control over your servers. Red Hat Insights is a managed service, included with every Red Hat Enterprise Linux (RHEL) subscription, that continuously analyzes platforms and applications to help you manage your hybrid cloud environment. Red Hat Insights uses predictive a

There’s a movement going on in the world of Department of Defense (DoD) applications. The momentum surrounding application modernization efforts means containerized applications show growth in the DoD. That, combined with task orders coming out using the Joint Warfighting Cloud Capability (JWCC) contract, leads to the question, “How do we increase the security of containerized applications in this new landscape?” Traditional ACAS (Assured Compliance Assessment Solution) scans don’t really work in a containerized environment. You can certainly scan containerized applications, but in

Red Hat strives to get better at what we do, faster at how we do it, while maintaining high quality results. In modern software development, that means focusing on security as early as possible into our software development process, and continuously driving improvements by listening and acting upon early feedback in the Secure Development Lifecycle (SDL). One important tool toward that goal is the Common Weakness Enumeration (CWE), a community-developed taxonomy of flaws. We use CWE classifications to gather intelligence and data to visualize clustering common weaknesses. We can then better

As the IT security landscape continues to evolve, so do the practices that IT organizations use to mitigate threats and maintain a more secure operating environment. Staying ahead of attackers and minimizing the cost of defense requires constant and appropriate reflection and analysis to improve processes and strategies. In this series, we explain what a CWE is, share our background on CWE collection, and explain how Red Hat has evolved our usage of CWEs over the past few years. What is a CWE? Common Weakness Enumeration (CWE) is a community-developed taxonomy of weaknesses maintained by