Security from the software supply chain to the edge

Customers rank IT security as their top funding priority. However, it is not a requirement that remains static: regulatory controls, compliance requirements and cyber attackers change almost daily, which requires almost constant vigilance on the part of IT security teams.

On this, Red Hat has announced new innovations and security capabilities in its portfolio of open hybrid cloud technologies. Designed to help organizations mitigate risks and meet compliance requirements in increasingly complex IT environments.

“With a massive market presence and proven container management expertise, enhanced by the recent acquisition and integration of StackRox, a leading container security company, Red Hat is recognized as a Global Leader on this Leadership Compass,” comment from KuppingerCole.

Supply chain

The company is introducing a software supply chain security pattern. Delivered through Red Hat OpenShift, the patterns provide complete stacks as code and define, develop, and test the necessary software configurations.

The pattern uses a native Kubernetes pipeline and is continuously integrated through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps for version control, helping to reduce complexity and save time.

Applications from the data center to the edge

Applications running outside of traditional IT environments, including at the edge, introduce additional security requirements that compound these already complex challenges.

Red Hat Advanced Cluster Security for Kubernetes offers a deployment-ready answer to these concerns, with key capabilities to protect edge workloads, including:

• Automated DevSecOps in the CI/CD pipeline to help protect the software supply chain for edge environments through vulnerability management, application configuration analysis, and CI/CD integration
• protection against threats provides threat detection and incident response capabilities for the most common threats at runtime
• Network segmentation to enforce workload isolation, analyze container communication, and detect risky network communication paths

Red Hat introduces new levels of security from the software supply chain to the edge

Integrated security starts with the operating system

Red Hat Enterprise Linux 9 lays the foundation for runtime integrity verification of operating system and application files by providing digital file signatures within RPM packages.

The platform uses the Integrity Measurement Architecture (IMA) at the kernel level to verify individual files and their provenance. IMA file verification specifically helps detect accidental and malicious modifications to systems, providing further remediation capabilities to security teams when addressing potential issues or violations.

Other key security features in Red Hat Enterprise Linux 9 are:

• Improved security around root privileges disabling root login via SSH by default. This helps prevent discovery of root passwords through violent attacks and improves the basic security strategies of an operating environment.
• Compatibility with the latest cryptographic frameworks with the integration of OpenSSL 3. This allows IT teams to enact new ciphers to encrypt and protect sensitive information.
• Security best practices have been strengthened by disabling the cryptographically broken SHA-1 hash function for digital signing by default, improving security hygiene.

Availability

• The software supply chain security pattern is expected to be available in the coming months.
• Red Hat Enterprise Linux 9 will be generally available in the coming weeks.
• Red Hat Advanced Cluster Security for Kubernetes is now generally available.