When it comes to managing security risks, enterprises face an increasing number of challenges. One of these challenges is managing the security health of the…read full post

Application allowlisting is the practice of specifying an index of approved applications or executable files that are permitted to run on a system by a…read full post

You can avoid the "heart-ache and the thousand natural shocks" of conflicting vulnerability reports by following Red Hat's OVAL feed and security ratings. Here's how…read full post

“I don’t have permission to do this!” That’s one of many phrases that I used to hear from a couple of developers when trying to…read full post

In this final entry for the container security series, we'll look at network traffic control for containers running in Red Hat OpenShift…read full post

In our last post we talked about using Multi-Category Security (MCS) instead of Multi-Level Security (MLS) to provide isolation on systems with different levels of…read full post

In this post, we look at Control-Flow Integrity (CFI) protection implemented by the Clang compiler for x86_64 architecture…read full post

Red Hat’s virtualization ecosystem consists of QEMU, an emulator, and Linux's Kernel-based Virtual Machine (KVM), an in-kernel driver along with many other software projects that…read full post

In our last post, we discussed SELinux and how it can be used to improve container security. We also looked at the Multi-Level Security (MLS)…read full post

An optimizing compiler is one that tries to maximize some attributes of an executable program at the expense of other attributes. Most modern compilers support…read full post