SAN FRANCISCO - —
Red Hat, Inc. (NYSE: RHT), the world's leading provider of open source solutions, today launched a new container scanning interface to enable security partners to easily plug into RedHatOpenShiftContainerPlatform. As containers move from experiment to enterprise-reality, a key consideration is security. Today’s news builds upon RedHat’sleadershipincontainersecurity. By integrating with multiple container scanners, Red Hat and its partners enable users to more easily see what’s running inside their containers and whether the latest security updates have been applied. The new container capabilities come via the latest version of Red Hat Enterprise Linux Atomic Host, which serves as the container operating system for Red Hat OpenShift Container Platform.
While security is crucial to all industries, there is no ‘silver bullet’ for all of our customers’ needs, especially with the many varied deployment scenarios for Linux containers. We recognize this challenge, and the latest version of Red Hat Enterprise Linux Atomic Host, with its simplified scanner integration, gives enterprises the freedom to choose a container scanning technology that best meets their needs.
Expanding Red Hat’s existing collaborationwithBlackDuckSoftware, Black Duck Hub is now fully integrated and supported as a container scanner. Black Duck Hub provides deep container inspection (DCI) of many open source component used in the operating system user space, as well as applications and libraries that might be added to containers by developers. The scanner maps known open source security vulnerabilities and dynamically monitors container inventory, providing alerts on any new vulnerabilities affecting the code. By running natively on Atomic Host, Black Duck Hub delivers added confidence in the security profile of all container images and components from development to test to production, all at scale.
Additionally, Red Hat Enterprise Linux Atomic Host also includes a technology preview of the OpenSCAP scanner. The Open Security Content Automation Protocol (OpenSCAP) project provides an ecosystem of tools and policies to help assess, measure and enforce IT security measures; the OpenSCAP scanner, also integrated with Atomic Host, applies these same protocols to container content, helping to more quickly identify vulnerabilities for remediation.
The new version of Atomic Host provides several other features and capabilities as well, including:
Updated container runtimes, offering users a choice of Docker or Open Container Initiative (OCI) run times.
Improved systemd integration to simplify migrating existing applications to more easily run inside containers.
Improved update functionality for hotfixes between full releases.
Graphical management to help make it easier to perform administration tasks, including updates from within Cockpit.
Paul Cormier, president, Products and Technologies, Red Hat, will host a webcast live from Red Hat Summit to discuss today's announcement at 11:45 a.m. PT on June 28, 2016. Following remarks, press and analysts are invited to participate in a question and answer session.
To join the webcast or view the replay after the event, visit: https://vts.inxpo.com/Launch/QReg.htm?ShowKey=32847
Tim Yeaton, senior vice president, Infrastructure Business Group, Red Hat
“Our customers want the agility of containers but cannot risk their mission-critical systems and applications on unknown content or unsupported containers - a key reason behind Red Hat’s focus on container security across our portfolio. While security is crucial to all industries, there is no ‘silver bullet’ for all of our customers’ needs, especially with the many varied deployment scenarios for Linux containers. We recognize this challenge, and the latest version of Red Hat Enterprise Linux Atomic Host, with its simplified scanner integration, gives enterprises the freedom to choose a container scanning technology that best meets their needs.”
Lou Shipley, CEO, Black Duck
“In survey after survey it’s very clear that Enterprise customers are eager to embrace container technology because of its economic and productivity benefits, but those same surveys also reveal a hesitancy to adopt containers because trust and security remain open issues. With this integration Black Duck and Red Hat have taken a bigger step toward the more secure and trusted container model that we’re both committed to delivering.”