Red Hat has a long history of adopting and creating security technologies to harden our core platforms, such as Red Hat Enterprise Linux (RHEL). When…read full post

In hybrid cloud environments, where workloads are deployed in physical hosts, virtual machines and containers across on-premise and cloud environments, security becomes more and more…read full post

DevSecOps is not just about shifting left. It is about integrating security throughout the entire DevOps lifecycle. We weave security in, end-to-end using multiple methods…read full post

Virtual private network (VPN) technology has changed immensely since the publication of the original Guide to IPsec VPNs (SP 800-77) in 2005. The guide was…read full post

USBGuard is a software framework that helps protect your systems against rogue USB devices by implementing basic allowlisting and blocklisting capabilities. This allows you to…read full post

Common Vulnerability Scoring System (CVSS) rating is used as a guideline to identify and describe key metrics of a flaw and is meant to help…read full post

This is a primer on the implementation of the ROLIE protocol. The purpose of this report is to recommend automated processes for information exchange of…read full post

When it comes to managing security risks, enterprises face an increasing number of challenges. One of these challenges is managing the security health of the…read full post

Application allowlisting is the practice of specifying an index of approved applications or executable files that are permitted to run on a system by a…read full post

You can avoid the "heart-ache and the thousand natural shocks" of conflicting vulnerability reports by following Red Hat's OVAL feed and security ratings. Here's how…read full post