To help government agencies and regulated industries embrace cloud-native innovation at scale while enhancing their security posture, we are pleased to announce the publication of the Security Technical Implementation Guide (STIG) from the Defense Information Systems Agency (DISA) for Red Hat OpenShift 4. The guide is available for download at the Department of Defense (DoD) Cyber Exchange.
As containers continue to grow in adoption, the number of vulnerabilities and regulatory concerns has increased exponentially. According to Red Hat’s 2023 State of Kubernetes Security Report, 67% of respondents report they have had to slow down cloud-native adoption due to security concerns. However, the need for rigorous security measures and compliance controls doesn’t mean organizations need to place digital transformation efforts on hold.
Scaling innovation while focusing on security
Managing security is a continuous process. Red Hat OpenShift is designed to support how government agencies work in a digital world, enabling Kubernetes-based applications to be developed and deployed more quickly while prioritizing security posture and compliance measures. Red Hat OpenShift is a single application platform for building and scaling containerized applications or modernizing existing applications. Red Hat OpenShift helps you build security into your applications by shifting security to the left, automate policies that let you manage container deployment security, and protects cloud-native applications at runtime. Additionally, Red Hat OpenShift Platform Plus builds on the capabilities of Red Hat OpenShift with:
- Red Hat Advanced Cluster Management for Kubernetes, which provides multicluster management, end-to-end visibility, and control of your Kubernetes clusters.
- Red Hat Advanced Cluster Security for Kubernetes, which provides Kubernetes-native security with DevSecOps capabilities to protect the software supply chain, infrastructure, and workloads.
- Red Hat Quay, a globally-distributed and scalable registry with advanced access control and security scanning.
Customers benefits
Using the critical security guidance, organizational approvals will be more attainable to get systems in production faster for security-conscious computing in a variety of regulated industries, from energy and banking to government and defense.
Key benefits include:
- Customers can now deploy Red Hat OpenShift with greater assurance that it complies with STIG security guidelines.
- STIG for Red Hat OpenShift includes a number of controls that cover not just Red Hat OpenShift, but also the underlying Red Hat CoreOS, upon which the OpenShift node is built.
- Administrators automatically assess compliance of both the Kubernetes resources of Red Hat OpenShift, as well as the nodes running the cluster. The latest Compliance Operator, expected to be available later this month, uses OpenSCAP, a NIST-certified tool, to scan clusters for compliance with a range of security policies. Administrators can also use the Compliance Operator to automatically remediate clusters to achieve compliance with the profile.
"Red Hat has long been a leader in security for enterprise open source solutions and continues to evolve to set new standards in securing cloud-native environments,” said Vincent Danen, vice president, Product Security, Red Hat. “With the publication of the DISA STIG for Red Hat OpenShift 4, agencies and organizations can build, deploy, and operate a wide range of applications across the hybrid cloud with the assurance that it is in compliance with STIG security guidelines."
Red Hat is committed to bringing the industry’s leading hybrid cloud application platform powered by Kubernetes to government agencies and regulated industries that want to embrace open hybrid cloud while meeting the stringent requirements of sensitive workloads. This announcement follows additional recent certifications and attestations, including the release of the first Ansible STIG, the announcement of Red Hat OpenShift on AWS prioritization for FedRAMP JAB, and an assessment of Red Hat OpenShift Service on AWS through the InfoSec Registered Assessors Program (IRAP).
Download today
Get started today with a modern, scalable approach to enhancing security for the entire application platform stack with the Red Hat OpenShift 4 DISA STIG.
À propos de l'auteur
Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies.
Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.
Contenu similaire
Parcourir par canal
Automatisation
Les dernières nouveautés en matière d'automatisation informatique pour les technologies, les équipes et les environnements
Intelligence artificielle
Actualité sur les plateformes qui permettent aux clients d'exécuter des charges de travail d'IA sur tout type d'environnement
Cloud hybride ouvert
Découvrez comment créer un avenir flexible grâce au cloud hybride
Sécurité
Les dernières actualités sur la façon dont nous réduisons les risques dans tous les environnements et technologies
Edge computing
Actualité sur les plateformes qui simplifient les opérations en périphérie
Infrastructure
Les dernières nouveautés sur la plateforme Linux d'entreprise leader au monde
Applications
À l’intérieur de nos solutions aux défis d’application les plus difficiles
Programmes originaux
Histoires passionnantes de créateurs et de leaders de technologies d'entreprise
Produits
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Services cloud
- Voir tous les produits
Outils
- Formation et certification
- Mon compte
- Assistance client
- Ressources développeurs
- Rechercher un partenaire
- Red Hat Ecosystem Catalog
- Calculateur de valeur Red Hat
- Documentation
Essayer, acheter et vendre
Communication
- Contacter le service commercial
- Contactez notre service clientèle
- Contacter le service de formation
- Réseaux sociaux
À propos de Red Hat
Premier éditeur mondial de solutions Open Source pour les entreprises, nous fournissons des technologies Linux, cloud, de conteneurs et Kubernetes. Nous proposons des solutions stables qui aident les entreprises à jongler avec les divers environnements et plateformes, du cœur du datacenter à la périphérie du réseau.
Sélectionner une langue
Red Hat legal and privacy links
- À propos de Red Hat
- Carrières
- Événements
- Bureaux
- Contacter Red Hat
- Lire le blog Red Hat
- Diversité, équité et inclusion
- Cool Stuff Store
- Red Hat Summit