피드 구독

To help government agencies and regulated industries embrace cloud-native innovation at scale while enhancing their security posture, we are pleased to announce the publication of the Security Technical Implementation Guide (STIG) from the Defense Information Systems Agency (DISA) for Red Hat OpenShift 4. The guide is available for download at the Department of Defense (DoD) Cyber Exchange.

As containers continue to grow in adoption, the number of vulnerabilities and regulatory concerns has increased exponentially. According to Red Hat’s 2023 State of Kubernetes Security Report, 67% of respondents report they have had to slow down cloud-native adoption due to security concerns. However, the need for rigorous security measures and compliance controls doesn’t mean organizations need to place digital transformation efforts on hold.

Scaling innovation while focusing on security

Managing security is a continuous process. Red Hat OpenShift is designed to support how government agencies work in a digital world, enabling Kubernetes-based applications to be developed and deployed more quickly while prioritizing security posture and compliance measures. Red Hat OpenShift is a single application platform for building and scaling containerized applications or modernizing existing applications. Red Hat OpenShift helps you build security into your applications by shifting security to the left, automate policies that let you manage container deployment security, and protects cloud-native applications at runtime. Additionally, Red Hat OpenShift Platform Plus builds on the capabilities of Red Hat OpenShift with:

  • Red Hat Advanced Cluster Management for Kubernetes, which provides multicluster management, end-to-end visibility, and control of your Kubernetes clusters.
  • Red Hat Advanced Cluster Security for Kubernetes, which provides Kubernetes-native security with DevSecOps capabilities to protect the software supply chain, infrastructure, and workloads.
  • Red Hat Quay, a globally-distributed and scalable registry with advanced access control and security scanning.

Customers benefits

Using the critical security guidance, organizational approvals will be more attainable to get systems in production faster for security-conscious computing in a variety of regulated industries, from energy and banking to government and defense.

Key benefits include:

  • Customers can now deploy Red Hat OpenShift with greater assurance that it complies with STIG security guidelines. 
  • STIG for Red Hat OpenShift includes a number of controls that cover not just Red Hat OpenShift, but also the underlying Red Hat CoreOS, upon which the OpenShift node is built.
  • Administrators automatically assess compliance of both the Kubernetes resources of Red Hat OpenShift, as well as the nodes running the cluster. The latest Compliance Operator, expected to be available later this month, uses OpenSCAP, a NIST-certified tool, to scan clusters for compliance with a range of security policies. Administrators can also use the Compliance Operator to automatically remediate clusters to achieve compliance with the profile.

"Red Hat has long been a leader in security for enterprise open source solutions and continues to evolve to set new standards in securing cloud-native environments,” said Vincent Danen, vice president, Product Security, Red Hat. “With the publication of the DISA STIG for Red Hat OpenShift 4, agencies and organizations can build, deploy, and operate a wide range of applications across the hybrid cloud with the assurance that it is in compliance with STIG security guidelines."

Red Hat is committed to bringing the industry’s leading hybrid cloud application platform powered by Kubernetes to government agencies and regulated industries that want to embrace open hybrid cloud while meeting the stringent requirements of sensitive workloads. This announcement follows additional recent certifications and attestations, including the release of the first Ansible STIG, the announcement of Red Hat OpenShift on AWS prioritization for FedRAMP JAB, and an assessment of Red Hat OpenShift Service on AWS through the InfoSec Registered Assessors Program (IRAP)

Download today

Get started today with a modern, scalable approach to enhancing security for the entire application platform stack with the Red Hat OpenShift 4 DISA STIG.

 


저자 소개

Red Hat is the world’s leading provider of enterprise open source software solutions, using a community-powered approach to deliver reliable and high-performing Linux, hybrid cloud, container, and Kubernetes technologies.


Red Hat helps customers integrate new and existing IT applications, develop cloud-native applications, standardize on our industry-leading operating system, and automate, secure, and manage complex environments. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. As a strategic partner to cloud providers, system integrators, application vendors, customers, and open source communities, Red Hat can help organizations prepare for the digital future.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

채널별 검색

automation icon

오토메이션

기술, 팀, 인프라를 위한 IT 자동화 최신 동향

AI icon

인공지능

고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트

open hybrid cloud icon

오픈 하이브리드 클라우드

하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요

security icon

보안

환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보

edge icon

엣지 컴퓨팅

엣지에서의 운영을 단순화하는 플랫폼 업데이트

Infrastructure icon

인프라

세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보

application development icon

애플리케이션

복잡한 애플리케이션에 대한 솔루션 더 보기

Original series icon

오리지널 쇼

엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리