Red Hat® Shares, Red Hat's monthly corporate newsletter, features our take on technology trends, open source software, and recent industry news to help you navigate the complex world of IT.


In this issue: Security and open source software

  • How do you know if your software is secure?
  • FEATURED Container security: What’s inside counts
  • Shellshock: How IKEA patched 3,500 servers in 2.5 hours
  • What IT pros think about security in 2016
  • 2016 security trends | Open source means stronger security | Security infographic
  • Recommended | Red Hat news and more | Events

From the editor

How do you know if your software is secure?

Software is like food: To know it’s safe, you need to know where it comes from and what’s in it.

Today, almost everything includes open source software—from TVs to space probes to enterprise apps. Your business software likely includes third-party, open source components, too. Understanding your software’s supply chain tells you how secure it is, just like knowing where your food comes from helps you decide if it’s safe to eat. Ask your vendors where their software comes from, and if they:

  • Closely track upstream projects.
  • Inspect, test, secure, log, and digitally sign everything from the community that goes into their commercial software.
  • Supply high-quality security updates and monitor sources for ongoing threats.
  • Have a dedicated product security team that can cut through the hype of branded threats, like Shellshock and Heartbleed, and patch the problem quickly.
  • Have clearly defined software life cycles.

If your vendors can’t answer these questions, you might want to rethink those relationships.

Watch the “Securing the software supply chain” webinar to learn more

Featured story

Container security: What’s inside counts

“[A container is] an image that contains just what you need that you run only when you need it,” explains Josh Bressers (@joshbressers), security strategist at Red Hat, in his article Securing containers before they take over the world. “There isn’t a bunch of extra software installed and running.”

Less stuff means less risk, right? Not exactly. And with the growing use of containers, it’s time to get serious about securing them.

Customer spotlight

Shellshock: How IKEA patched 3,500 servers in 2.5 hours

IKEA runs 3,500 Red Hat® Enterprise Linux® servers in 35 countries. Red Hat notified IKEA of the Shellshock bug on the day it was reported, and 2 people at IKEA patched all the servers in just 2.5 hours.

How? With Red Hat Satellite.

But the real story is how IKEA's servers are standardized and up to date. This, plus unified system management, helps IKEA react quickly to major events like Shellshock.

Watch the “IKEA vs. Shellshock” webinar for details

Related

10 rules of SOEs

A standardized operating environment can simplify your IT structure—but it takes planning. Download the e-book.

"Secure Foundations" virtual event

Watch part 1 and part 2 sessions on demand.

 

Survey says

Top security concerns: What IT professionals think

  • 47% Potential loss of customer trust
  • 36% Poor employee security practices
  • 33% Risks from outside breaches
  • 14% Unpatched or unpatchable devices
Source: TechValidate Research on Red Hat Enterprise Linux

More to learn

Network World: 5 security trends to watch for 2016

With the average cost of a data breach (US$3.79 million) expected to grow this year, you might want to keep these major security trends in mind when updating your InfoSec plans for 2016.

Is your open source software less secure?

“There is no such thing as perfect security. …the goal of locking up your valuables is not to make them impossible to steal, but rather expensive to steal.”

Infographic: Your guide to IT security and open source

Find out what CIOs, Fortune 500 leaders, and industry experts think about IT security and enterprise open source software.

Around the web

Related events

  • Apache: Big Data - May 9-12 - Vancouver, BC, Canada
  • DrupalCon - May 9-13 - New Orleans, LA
  • ApacheCon - May 11-13 - Vancouver, BC, Canada
  • OSCON - May 16-19 - Austin, TX
  • PGCon - May 17-21 - Ottawa, ON, Canada
  • Red Hat Technical Event Series: Containers in the Enterprise
      • Seattle, WA - May 3
      • Portland, OR - May 4
      • San Diego, CA - May 5
      • Washington, D.C. - May 10
      • Indianapolis, IN - June 2
      • Miami, FL - June 9
  • Red Hat Summit - June 27-30 - San Francisco, CA
 

About the author

The Red Hat Shares team comprises content strategists who work with lots of smart subject matter experts. Together, we curate content on emerging tech topics your enterprise needs to learn about to stay competitive.
