We're thrilled to unveil our latest release: Red Hat Advanced Cluster Security for Kubernetes 4.5. Following last year's 4.0 release, our team has been hard at work enhancing the essential workflows that businesses depend upon to safeguard their Kubernetes and container environments. The 4.5 release marks a significant milestone for our security solution, and coincides with our SaaS offering, Red Hat Advanced Cluster Security Cloud Service’s graduation from limited availability to general availability.
The 4.5 release includes the general availability of key new enhancements as well as significant feature updates to core functionality. These updates include:
- Vulnerability Management 2.0 general availability (GA)
- Scanner V4 general availability (GA)
- Compliance enhancements
- Hardening Red Hat Advanced Cluster Security integrations
Additional Red Hat Advanced Cluster Security platform updates include:
- Red Hat Advanced Cluster Security on Red Hat OpenShift Service on AWS (ROSA) hosted control planes (HCP)
- Built-in email notifier in Red Hat Advanced Cluster Security Cloud Service
- Extended Github action support in roxctl
As always, you can find more information about the release in the Red Hat Advanced Cluster Security documentation and release notes, and you can explore the new SaaS version of Red Hat Advanced Cluster Security through the 60-day, no-cost trial.
Vulnerability management 2.0 (GA)
The new Red Hat Advanced Cluster Security vulnerability management 2.0 dashboard enhances the vulnerability management workflow. With Red Hat Advanced Cluster Security 4.5, this dashboard is now generally available and integrates exception management, vulnerability reporting, and the workload CVEs page into the vulnerability management 2.0 framework, while retaining the original dashboard during the transition period.
The graduation of the vulnerability management 2.0 dashboard signifies the consolidation of all underlying dashboards into a unified vulnerability management dashboard.
Key features in vulnerability management 2.0 include:
- Platform and node CVE workflows tab, providing identical functionality as the previous vulnerability management dashboard.
- Enhanced filtering capabilities have been implemented, allowing for the prioritization of remediation by focusing on fixable critical and important CVEs.
- Administrators can discover CVEs and prioritize remediation efforts through namespace views to help manage multi-tenant environments.
This updated dashboard aims to enhance user capability by identifying vulnerabilities and their specific locations with increased speed and efficiency. It also provides clearer differentiation between CVEs associated with nodes, platforms and workloads.
Vulnerability scanner V4 general availability (GA)
In version 4.4, we introduced a substantial update to core vulnerability management workflows with the release of Red Hat Advanced Cluster Security scanner V4 in tech preview (TP). Red Hat Advanced Cluster Security scanner V4 merges the previous StackRox scanner with the upstream Clair V4 scanner from Red Hat Quay, delivering consistent scan results across offerings, broader language and operating system support, and access to an expanded vulnerability database built from the following sources: Red Hat’s vulnerability feed, osv.dev, NVD and more.
Red Hat Advanced Cluster Security scanner V4 is now generally available and fully supported in version 4.5. To ensure a seamless transition, users must explicitly enable it via the Red Hat Advanced Cluster Security Operator or Helm chart deployment options.
For more information about enabling the Red Hat Advanced Cluster Security scanner V4, see:
- “Scanner settings” in installing RHACS on Red Hat OpenShift.
- “RHACS Scanner V4” in installing RHACS on other platforms.
Compliance updates
Compliance Operator and Red Hat Advanced Cluster Security are tightly integrated to help enable customers to meet their OpenShift platform and node compliance requirements. The integration allows OpenShift users to monitor the technical controls from CIS, NERC-CIP, NIST-800-53, DISA STIG, or PCI-DSS compliance benchmarks that are critical to your operations.
The 4.5 release introduces enhanced integration with the OpenShift Compliance Operator. In Red Hat Advanced Cluster Security 4.5, you can:
- Generate weekly, daily, and hourly compliance reports for multiple OpenShift clusters simultaneously.
- Summarize compliance results for a specific profile across clusters.
- Streamline reporting workflows for compliance auditors with benchmarks and controls.
These new features and updates are under the Compliance tab in your RHACS dashboard. For more information, see the RHACS documentation.
Bring your own public key infrastructure with Cosign signature verification and enforcement
To enhance supply chain security, ensure provenance and implement SLSA-focused guardrails, Red Hat Advanced Cluster Security now supports the integration of custom public key infrastructure (PKI) with Cosign signature verification.
Red Hat Advanced Cluster Security has supported the Cosign project and integration for several years, offering flexible policies and seamless integration with Cosign. Red Hat Advanced Cluster Security 4.5 has added support for verifying Cosign signatures that are backed by an organization’s existing PKI infrastructure.
Red Hat Advanced Cluster Security incorporates these fundamental updates through its existing Cosign integration and provides customers with policy functionality, notifications and enforcement mechanisms during deployment to bolster provenance, further helping organizations meet their provenance objectives.
Try out the new updates, at no cost, for 60 days with Red Hat Advanced Cluster Security Cloud Service
The Red Hat Advanced Cluster Security team is continuously identifying how we can improve the offering to fit our users’ unique needs. If you want to check out these features yourself, sign up for our 60-day, no-cost trial today!
執筆者紹介
チャンネル別に見る
自動化
テクノロジー、チームおよび環境に関する IT 自動化の最新情報
AI (人工知能)
お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート
オープン・ハイブリッドクラウド
ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。
セキュリティ
環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報
エッジコンピューティング
エッジでの運用を単純化するプラットフォームのアップデート
インフラストラクチャ
世界有数のエンタープライズ向け Linux プラットフォームの最新情報
アプリケーション
アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細
オリジナル番組
エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー
製品
ツール
試用、購入、販売
コミュニケーション
Red Hat について
エンタープライズ・オープンソース・ソリューションのプロバイダーとして世界をリードする Red Hat は、Linux、クラウド、コンテナ、Kubernetes などのテクノロジーを提供しています。Red Hat は強化されたソリューションを提供し、コアデータセンターからネットワークエッジまで、企業が複数のプラットフォームおよび環境間で容易に運用できるようにしています。
言語を選択してください
Red Hat legal and privacy links
- Red Hat について
- 採用情報
- イベント
- 各国のオフィス
- Red Hat へのお問い合わせ
- Red Hat ブログ
- ダイバーシティ、エクイティ、およびインクルージョン
- Cool Stuff Store
- Red Hat Summit