Red Hat Blog

OpenShift confidential containers (CoCo) is now generally available for Microsoft Azure. You can extend the security capabilities of Red Hat OpenShift by using OpenShift confidential containers, which allows you to deploy and manage confidential workloads with enhanced data protection and integrity. This release marks a significant milestone, providing a robust solution for enterprises seeking to protect sensitive applications and data on Azure. It addresses critical security concerns by isolating workloads within a hardware-protected trusted execution environment, helping ensure that data re

Red Hat OpenShift sandboxed containers 1.10 has been released, bringing enhanced security and isolation capabilities to your Red Hat OpenShift environments. This marks the general availability of confidential containers on Microsoft Azure, and introduces the new Red Hat build of Trustee, which provides attestation services so your confidential workloads can run with integrity in the cloud. OpenShift sandboxed containers delivers a lightweight and powerful way to run workloads in isolation. Confidential containers add an additional layer for hardware-protected environments, leveraging Trusted E

In enterprise Kubernetes environments, security risks often arise from overlapping administrative access. Platform engineers, infrastructure operators and developers may all touch sensitive resources, like secrets. This creates opportunities for privilege misuse or data exposure. By separating admin duties using Confidential Containers, organizations can prevent insider threads, simplify compliance, and align with zero-trust principles.Kubernetes role-based access control (RBAC) enforces access policies by defining roles and permissions for users, groups, and service accounts. It allows you to

When you subscribe to Red Hat Enterprise Linux (RHEL), you get security fixes for Common Vulnerabilities and Exposures (CVE). As defined in the RHEL Life Cycle Policy, we classify any issue rated with a Common Vulnerability Scoring System score of 7.0 or higher as Critical, Important or Moderate. Our enhanced support plans (RHEL Extended Life Cycle Support, Extended Update Support, and Enhanced Extended Update Support) include similar coverage. But compliance in finance, healthcare, telecommunications, the public sector and other highly regulated industries may demand fixes and patches outsid

Model Context Protocol (MCP) is a powerful protocol from Anthropic that defines how to connect large language models (LLMs) to external tools. It has quickly gained traction due to its ease of use and the benefits it adds in our use of AI. In this article we'll cover some of the potential security risks you'll encounter with MCP and how you can approach mitigating them.How MCP worksMCP does not directly connect LLMs with tools. The MCP client component accesses the LLM, and the MCP server component accesses the tools. One MCP client has access to one or more MCP servers. Users may connect any

Security continues to be a top priority for organizations managing Kubernetes clusters. Red Hat has made significant strides for improved security for containers with its latest release of Red Hat Advanced Cluster Security 4.8. This release focuses on simplifying management, enhancing workflows and offering visibility into the security of containerized environments.External IP visibility for improved securityRed Hat Advanced Cluster Security 4.8 introduces the general availability of a powerful new feature: The ability to visualize external IPs directly within the network graph dashboard. This

Making sure your Kubernetes environment is secure and compliant is a critical, ongoing challenge, especially for enterprise workloads in the hybrid cloud. To help you meet security requirements with greater confidence and efficiency, we’ve just rolled out key updates to Red Hat Advanced Cluster Security for Kubernetes Cloud Service. This latest release helps significantly strengthen your security posture with newly added industry-standard certifications, including ISO 27001 and PCI DSS 4.0, and deeper integration with key AWS services. These enhancements are designed to streamline compliance

Open source has always been paradoxical: it's software developed by passionate developers and given away for free, yet it's monetized and funded by some of the largest companies in the world. An underdog, once called "a cancer," and yet it's the single largest driver of innovation and technological progress we have ever seen. In the world of open source, paradox will always exist, but nowhere more so than in the understanding of security vulnerabilities.Twenty-five years ago, the Common Vulnerabilities and Exposures (CVE) program was established to standardize the naming and tracking of softw

Red Hat is built on open source, a global decentralized and transparent community of international engineers who put security at the forefront of technology. Red Hat Enterprise Linux (RHEL) is the trusted operating system (OS) used by more than 90% of Fortune 500 companies and customers in more than 174 countries. This trust is earned largely due to RHEL's reliability and stability as well as Red Hat's long history of actively contributing to open source projects. There is one key factor that is often discounted with respect to the Linux OS, however, which is its reputation for having enhanced

Grab a large sweet tea or a cup of coffee and read the 2024 Product Security Risk Report from Red Hat Product Security. As someone striving to stay informed about the open source ecosystem and its security challenges, I found this year's report noticeably longer, but the depth and detail didn’t disappoint. In fact, one notable addition to this year’s report is the discussion of AI. The numbers game: up, up, and...wait, what?First, let’s break down the raw numbers. Red Hat Security Advisories (RHSA) hit a new peak in 2024, clocking in at 2975. There has been a steady increase over the pa