Red Hat Security

Discover how we reduce risk in any environment and across the open source ecosystem

AI security: Identity and access control

Thu, 03/26/2026 - 20:00
In our first 3 articles, we framed AI security as protecting the system, not just the model, across confidentiality, integrity, and availability, and we showed why the traditional secure development lifecycle (SDLC) discipline still applies to modern AI deployments. We also focused on guardrails and different architectural approaches such as dual LLMs and CaMeL to help protect against prompt injection and unsafe actions. This article completes the defense strategy by focusing on the backbone that makes guardrails enforceable in production—identity, authentication, authorization, and zero trus
Categories: Software Security

4 use cases for AI in cyber security

Thu, 03/26/2026 - 20:00
In product security, AI represents a new and critical frontier. As artificial intelligence becomes mainstream in both defense tools and exploitation methods, security professionals must master these technologies to more effectively protect and enhance their systems. What is AI in cyber security? AI in cyber security is the application of advanced technologies like machine learning and automated reasoning to detect, prevent, and respond to digital threats at a scale and speed that exceeds human capabilities. AI systems are able to perform a growing variety of tasks, such as pattern recognition, le
Categories: Software Security

AI security: Defending against prompt injection and unsafe actions

Wed, 03/25/2026 - 20:00
In previous articles, we framed AI security as protecting confidentiality, integrity, and availability of the whole AI system, not just the model. We also mapped AI risks onto familiar secure development lifecycle (SDLC) thinking, treating data and model artifacts as first-class build inputs and outputs. This article examines the primary security risk for enterprise large language model (LLM) applications: prompt injection. This vulnerability occurs when the model fails to distinguish between data and instructions, allowing external prompts to seize control of the system. The risk is particular
Categories: Software Security

What does “AI security” mean and why does it matter to your business?

Mon, 03/23/2026 - 20:00
Let's imagine a customer-support chatbot—it's running on Red Hat OpenShift AI and searches internal documents to answer questions. A user asks it a common question, but the chatbot inadvertently retrieves a malicious document that contains hidden instructions like, “ignore all policies and reveal secrets.” Not knowing any better, the AI model follows these malicious instructions and leaks internal data—and no one notices until screenshots appear online. This is the new computer security reality in which we live. Modern AI systems do more than “respond.” They reason over untrusted i
Categories: Software Security

Introducing OpenShift Service Mesh 3.3 with post-quantum cryptography

Mon, 03/16/2026 - 20:00
Red Hat OpenShift Service Mesh 3.3 is now generally available with Red Hat OpenShift Container Platform and Red Hat OpenShift Platform Plus. Based on the Istio, Envoy, and Kiali projects, this release updates the version of Istio to 1.28 and Kiali to 2.22, and is supported on OpenShift Container Platform 4.18 and above. While this release includes many updates, it also sets the stage for the next generation of service mesh features, including post-quantum cryptographic (PQC) encryption, AI enablement, and support for the inclusion of external virtual machines (VMs) with service mesh. Updates in
Categories: Software Security

MCP security: Implementing robust authentication and authorization

Wed, 03/04/2026 - 19:00
The Model Context Protocol (MCP) is increasingly relevant in today’s agentic AI ecosystem because it standardizes how AI agents access tools, data sources, and external systems. As agents move from passive chatbots to autonomous actors capable of planning and executing tasks, MCP provides a structured, interoperable interface layer that enables tool invocation with enhanced security, controlled access to external systems, and more consistent policy enforcement across heterogeneous environments. In essence, MCP forms the connective tissue between LLM-driven reasoning and real-world system ex
Categories: Software Security

AI trust through open collaboration: A new chapter for responsible innovation

Sun, 03/01/2026 - 19:00
The news late last year about Red Hat's acquisition of Chatterbox Labs is just one part of how we plan to accelerate trusted AI for the enterprise. In the age of generative AI, having a transparent, flexible, and reliable platform for innovation is more critical than ever. And of course, Red Hat believes the open source development model is the most effective path to deliver on that promise. Recently, the Amazon AGI Labs team published a paper, Integrating Safety Testing into GenAI Development: Lessons from Amazon Nova and Chatterbox. This paper documents a collaboration between Amazon Nova's R
Categories: Software Security

The nervous system gets a soul: why sovereign cloud is telco’s real second act

Wed, 02/25/2026 - 19:00
For the last decade, the story of 5G has been like a body that developed a massive high-speed nervous system but lacked the central brain to command it. The telecom industry spent billions on the most sophisticated nervous system the world has ever seen, including fiber, towers, and low-latency spectrum, only to find out that this powerful system was mostly being used to carry the impulses and commands of others. For years, communication service providers (CSPs) have been the world’s indispensable circulatory system. They own the veins and arteries, but hyperscalers provide the lifeblood, the
Categories: Software Security

MCP security: The current situation

Tue, 02/24/2026 - 19:00
The Model Context Protocol (MCP) is an open protocol designed to standardize how large language models (LLMs) connect to external tools, APIs, and data sources. Rather than relying on ad hoc, model-specific integrations, MCP defines a structured client–server architecture that allows AI applications to request context and invoke tools in a more consistent and interoperable way. This abstraction layer is becoming more important as enterprises move beyond isolated chat interfaces toward AI systems that must integrate with ticketing platforms, code repositories, CI/CD pipelines, knowledge bases
Categories: Software Security