Red Hat Security

Modern IT departments are wrestling with a sprawling array of automation and operations tools, often numbering in the dozens or even hundreds. This complexity makes efficient management and integration a significant obstacle, especially as organizations accelerate their investment in hybrid IT ecosystems, cloud services, and cloud-native application modernization. To help overcome this "tool sprawl" and its impact on productivity, enterprises are working to establish a common environment for orchestrating and managing critical IT processes—a "unified IT automation platform."To understand the

Red Hat is excited to announce the release of Red Hat OpenShift sandboxed containers 1.11 and Red Hat build of Trustee 1.0, marking a significant milestone in our confidential computing journey. These releases bring production-grade support for confidential containers in Microsoft Azure Red Hat OpenShift and introduce technology preview support for bare metal environments with Intel TDX and AMD SEV-SNP processors. Organizations can now protect their most sensitive workloads with hardware-based memory encryption and attestation capabilities across cloud and on-premises infrastructure. OpenShift

The Center for Internet Security® (CIS®) has officially published guidance for hardening Red Hat OpenShift Virtualization.The official publication of the new CIS Benchmark® for Red Hat OpenShift Virtualization is an important development for organizations running traditional virtual machines (VMs) alongside modern containers. OpenShift Virtualization is a feature of Red Hat OpenShift that allows existing VM-based workloads to run directly on the platform. This globally recognized, consensus-driven benchmark provides recommendations for creating a security-focused configuration for those env

IT teams are stuck between wanting to implement AI solutions across their organizations and dealing with the messy reality of increasingly complex infrastructure. Many are attempting to build their own automation solutions, cobbling together a patchwork of tools that, while well-intentioned, can actually make things worse. Red Hat dug into this with SP Global Market Intelligence 451 Research, and their findings point to a simpler alternative: use a unified platform instead of patchworking tools together.The DIY dilemma: More tools, more problemsMost teams are drowning in tools, often ending up

Twenty-eight percent of businesses surveyed in the recent SP Global Market Intelligence 451 Research report, “The value of a unified automation platform,” responded that their company uses 50-100+ tools that don’t seamlessly integrate. This widespread adoption of disparate solutions, often driven by a "do it yourself" mentality, can lead to overwhelming tool sprawl. The resulting lack of interoperability directly hinders innovation, fragments data insights, and ultimately undermines the effective delivery of AI solutions.As automation and AI become increasingly interdependent, systems mu

Last month, we launched Red Hat Ansible Automation Platform 2.6, and introduced several new features including an automation dashboard, a self-service automation portal, and the Ansible Lightspeed intelligent assistant. We hosted a follow-up webinar, What’s new with Ansible Automation Platform 2.6, during which we received some great questions from the audience about how to install, migrate, and upgrade to the latest version. To help you prepare for and navigate the Ansible Automation Platform 2.6 release, we've compiled the top questions and their answers.Installations, upgrades, and migrat

Confidential computing is needed to protect sensitive data not only when it is stored or transmitted, but also while it is actively being processed in memory - traditionally the most vulnerable phase. In this article, I demonstrate how to implement a secure runtime environment using AWS Nitro Enclaves for applications on EC2 instances running Red Hat Enterprise Linux 9.6+ (RHEL).To fully understand the concepts, use cases, and justifications for confidential computing, read our previous articles. The hardware used to provide secure communication and certification is based on AWS Nitro architec

As organizations shift from reactive automation to proactive and intelligence-driven operations, Event-Driven Ansible continues to gain momentum. By combining real-time system insights from Red Hat Lightspeed (formerly Red Hat Insights) with Event-Driven Ansible rulebooks, teams can automatically respond to security risks, configuration changes, compliance findings, and operational anomalies, without waiting for human intervention. With Red Hat Ansible Automation Platform 2.6, we introduced a small but meaningful enhancement that strengthens trust and observability in automated operations. Any

In this October roundup, we cut through the noise to focus on the essential technical blueprints and policy foundations required to succeed. These articles, from key platform updates and critical security integrations to the future of open source legality, represent the core strategic reading for Q4. We highlight how Red Hat Ansible Automation Platform 2.6 streamlines operations, how Red Hat AI 3 and its intelligent control plane transform GPU infrastructure, and how our strategic partnership with NVIDIA simplifies the AI software stack. This is the quarter for planning that prepares your orga

Red Hat Lightspeed (formerly Red Hat Insights) has long helped operations teams detect risks, open tickets, and share findings with the right tools, connecting proactive intelligence to everyday workflows.Much has changed, not only in Red Hat Lightspeed itself, but also in how organizations are using it. Across industries, teams have built custom dashboards, reporting portals, and IT service management (ITSM) integrations powered by the Red Hat Lightspeed API. Others have connected Red Hat Lightspeed data into continuous integration and delivery (CI/CD) pipelines, monitoring environments, and

Generative AI demands infrastructure that’s not only powerful but repeatable, auditable, and scalable. From chat bots and content generation to intelligent automation agents, organizations are deploying AI at scale. But with this innovation comes complexity. In short, deploying generative AI isn’t just about models, it’s about managing the infrastructure and operations behind them reliably. The Red Hat Certified Collection, amazon.ai, addresses this problem by bringing infrastructure-as-code principles to AI and operational monitoring.The problem: Manual AI management doesn’t scaleEve

As organizations continue to accelerate digital transformation in the cloud, customers are looking for ways to enhance safeguards for sensitive workloads, especially those in highly regulated industries. As such, confidential computing has become an increasingly prominent way to protect workloads by providing an isolated, hardware-encrypted environment based on a zero-trust security model. To help address this need, we are pleased to announce the general availability of confidential containers on Microsoft Azure Red Hat OpenShift, expected to be delivered in the coming weeks. This feature give

We are thrilled to announce the general availability of Red Hat OpenShift Service Mesh 3.2. This release includes the general availability of Istio’s ambient mode—a new way of deploying service mesh without sidecars that significantly lowers the resource costs of using service mesh. This provides a low overhead solution for zero trust networking with lightweight pod-to-pod mTLS encryption and authorization policies based on workload identities, with the ability to add more advanced features as required.Based on the Istio, Envoy, and Kiali projects, this release updates the version of Istio

We’ve been dedicated to advancing Red Hat Advanced Cluster Security for Kubernetes in line with the rapid evolution of Kubernetes security. With version 4.9, we’re introducing key integrations and updates designed to help streamline your workflows. To that end, we’ve improved our ability to integrate with other tools and services, enhanced visibility into operations, and begun the work of bringing virtual machines (VMs) into our scope of reporting and scanning. Red Hat Advanced Cluster Security Integration with ServiceNowA significant highlight of Red Hat Advanced Cluster Security 4.9 is

The software supply chain has evolved dramatically in recent years. Today's applications integrate countless components—from open source libraries and container images to AI models and training datasets. Each element represents a potential security risk that organizations must understand, verify, and continuously monitor. As supply chain attacks increase in frequency and sophistication, enterprises need comprehensive solutions that provide both artifact integrity and deep visibility into their software dependencies.Red Hat's latest releases of Red Hat Trusted Artifact Signer 1.3 and Red Hat

Are you excited to try out post-quantum cryptography in Red Hat Enterprise Linux (RHEL), but you haven't yet upgraded to RHEL 10? Our efforts to ensure that you're ready to make the switch, and to prepare your organization for "Q-Day", now start with RHEL 9.7. By getting started now, you can proactively begin strengthening your security posture and preparing for a seamless transition to RHEL 10.RHEL 9 was released in 2022 and was an important step forward from a security perspective. It was the first version of RHEL that received FIPS 140-3 certification, matching current security requirement

The age of quantum computing is on the horizon, and with its immense processing power comes a significant threat to the cryptographic foundations of our digital world. In this article, we'll explore the emerging support for post-quantum cryptography (PQC) in Red Hat OpenShift 4.20, focusing on how it enhances the core components of the Kubernetes control plane: the apiserver, kubelet, scheduler, and controller-manager. Missing is etcd, using an older version of Go.The quantum threatToday's widely used public-key cryptosystems, such as RSA and elliptic curve cryptography (ECC), form the foundat

Deploying cutting-edge AI in U.S. government environments can present a formidable challenge. While the power of accelerated computing is essential for modern workloads, the path to achieving an Authority to Operate (ATO) is paved with the complex and time-consuming demands of applying controls such as the Defense Information Systems Agency’s (DISA) Security Technical Implementation Guides (STIGs). This crucial security hardening process can be a manual, painstaking effort that creates friction between development teams and security mandates, slowing innovation.Today, Red Hat is reducing tha

The most common task facing system administrators is patching infrastructure. It's time consuming, it requires coordination with application teams and stakeholders, and it often must happen in segments over time. These complications make it difficult to maintain environmental consistency, which in turn can lead to instability, performance issues, and more time spent by operations staff. Using Red Hat Insights content templates to patch Red Hat Enterprise Linux (RHEL) helps limit the complexity of these activities while also increasing consistency across an IT estate.Define, instruct, and patch

You’ve trained the model, packaged it on Red Hat OpenShift AI, and it’s ready to work. The next move is exposing it through an API so people and applications can use it. At that moment, your model stops being an internal experiment and becomes a front-door service. And like any front door, somebody is going to knock … sometimes it’s the right user, sometimes not.Your model is no longer just a project in a lab: it’s a production endpoint. And like any endpoint, it’s a target. How do you ensure that only the right applications and users are interacting with it? How do you protect the