Starting March 2021 the Red Hat Security Ecosystem team is happy to announce our monthly OpenShift series, “DevSecOps is the Way” In this series you will learn how Red Hat weaves together DevOps and Security to master the force called DevSecOps. We explain how to assemble Red Hat products and our security ecosystem partners to aid in your journey to master deploying a comprehensive DevSecOps solution.
Every month we present a different security topic and use cases. Topics are aligned with products and technologies from Red Hat and our software partners (ISVs). Our series brings in industry experts to discuss how to weave together culture, process, and technology.
Every month you can look forward to:
- Two (2) different OpenShift TV Shows : Wed, 1pm Eastern and Thursday, 2pm Eastern
- Three (3) different podcasts featuring ecosystem partners and industry experts. Have a listen to our first podcast introducing this series; with Aaron Levey and Dave Meurer
- OpenShift Commons Briefing hours featuring a Red Hat Security Partner (3rd Wednesday of each month)
- Various content, like blogs and whitepapers to support each month’s topic.
Mark your calendar for the 3rd week of each month with the following lineup:
Vulnerability Scanning: Identifying vulnerabilities in 3rd party dependencies in applications and containers.
Compliance: Audit and controls of industry and government regulations and corporate policies.
Identity & Access Management: Control access to on-premises and cloud assets, applications, and data based on user or application identity and administratively defined policies.
Application Analysis: Identify vulnerabilities in applications, images and configurations early in the life cycle.
Data Controls: Help protect data integrity and prevent unauthorized data disclosure for data at rest and in motion..
Network Controls: Segmentation methods that let you control, segregate, and visualize Kubernetes traffic to isolate tenants and secure communications flows between containerized applications and microservices.
Runtime Analysis: Help maintain cluster hygiene by identifying and mitigating suspicious and malicious activity in real-time.
Audit & Monitoring: Centralize logs and provide intelligence about security incidents in your production environment.
Remediation: Automatically take corrective actions when security incidents occur in production.
Platform Security: Foundational features for securing the underlying container host as well the container platform.
Our first March OpenShift TV show episode is on the new Red Hat Vulnerability Scanner Certification. Experts from Red Hat and IBM’s X-Force discuss how vulnerability scanning impacts real world customers. Catch the replay at this link:
- Steve Ocepek, IBM X-Force Red
- Jeremy West, Manager, Red Hat Product Security Engineering
- Dave Meurer, Principal Solution Architect, Red Hat Global Security ISVs
We are excited to provide all this great Security content to you each month. Please check our web site often. We will update it with links to past and future content.
Bring your light saber and be ready to train hard... may the DevSecOps be with you!
About the author
Dave Meurer currently serves as a Principal Solution Architect on the Red Hat Global Partner Security ISV team, where he owns technical relationships and evangelism with security independent software vendor partners of Red Hat. Before joining Red Hat, he spent nine years in the Application Security industry with Synopsys and Black Duck, where he served in similar roles as the director of technical alliances and sales engineering.