How Red Hat OpenShift enables container security

Red Hat® OpenShift® delivers a modern, scalable approach to securing the entire application platform stack, from operating system to container to application.

  • Control the trusted sources of content, testing, and deployments.
  • Defend applications from attacks and vulnerabilities in all layers of the platform.
  • Enable and extend secure services through standard interfaces and APIs.

Managing security is a continuous process. As applications are deployed or updated, it’s critical to provide dynamic security controls to keep the business safe. Red Hat OpenShift can apply security controls to the software supply chain, improving the security of applications without reducing developer productivity. Red Hat allows businesses to control, defend, and extend their application platform throughout the application lifecycle.

OpenShift security procedures circle diagram

Trusted by over 90% of the Fortune 500, Red Hat builds on decades of security experience for today’s applications and into the future*

*Red Hat client data and Fortune 500 list, June 2017

Container host and platform multitenancy

Red Hat Enterprise Linux® manages multitenancy of the container runtime, using Linux namespaces, SELinux, cgroups, and Secure Computing Mode (seccomp) to isolate and protect containers.

Security and trusted content sources

With over 70% of public application content having a security vulnerability, it’s critical to work with trusted sources. Red Hat Ecosystem Catalog delivers validated application content from Red Hat Application Services and certified ISV partners.

The new Compliance Operator provides a declarative way to specify and achieve security compliance for the Red Hat OpenShift cluster.

Securing the container registry

Registries play a critical role in the secure software supply chain, frequently interacting across the application lifecycle. Red Hat OpenShift provides an integrated container registry that allows applications to be scanned for vulnerabilities and cryptographically signed for trusted identification. When Red Hat OpenShift is used with Red Hat Quay and Clair for vulnerability scanning, vulnerability data is visible in the Red Hat OpenShift console.

Securing the build pipeline

The Continuous Integration/Continuous Delivery (CI/CD) pipeline is at the core of a more secure software supply chain. Red Hat OpenShift integrates tightly with Jenkins and other standard CI/CD tools to manage builds, code inspection, and validation. Red Hat OpenShift Source-to-Image (S2I) allows for secure application builds directly on the platform.

Managing secure container deployments

By default, Red Hat OpenShift prevents containers from running as root. In addition, Red Hat OpenShift enables granular deployment policies that allow operations, security, and compliance teams to enforce quotas, isolation, and access protections.

Managing the secure container application platform

From authentication to authorization to secrets management, Red Hat OpenShift integrates secure operational capabilities to ensure trust between users, applications, and security policies.

Secure container application platform on any cloud

Red Hat OpenShift can be securely deployed across any cloud platform, including bare metal, virtualization, VMware, OpenStack, AWS, Azure, and GCP.

Defend the network

Red Hat OpenShift provides security features for multi-tenant networking and fine-grained network control. All traffic to the control plane is encrypted. Application traffic is encrypted with Red Hat OpenShift Service Mesh.

Secure the data

Red Hat OpenShift provides strong encryption controls to protect sensitive data including platform secrets and application configuration data. Red Hat OpenShift optionally uses FIPS 140-2 Level 1 compliant encryption modules to meet security standards for U.S. federal departments.

Managing secure API endpoints and gateways

Red Hat OpenShift integrates Red Hat 3scale API Management to authenticate, secure, and rate-limit API access to applications and services.

Insights into critical vulnerabilities

Red Hat Advanced Cluster Security for Kubernetes integrates with DevOps and security tools to help automate DevSecOps in the build pipeline, enforce security policies, mitigate runtime threats, and minimize operational risk to the applications in Red Hat OpenShift environments.
