We're thrilled to unveil our latest release: Red Hat Advanced Cluster Security for Kubernetes 4.5. Following last year's 4.0 release, our team has been hard at work enhancing the essential workflows that businesses depend upon to safeguard their Kubernetes and container environments. The 4.5 release marks a significant milestone for our security solution, and coincides with our SaaS offering, Red Hat Advanced Cluster Security Cloud Service’s graduation from limited availability to general availability.
The 4.5 release includes the general availability of key new enhancements as well as significant feature updates to core functionality. These updates include:
- Vulnerability Management 2.0 general availability (GA)
- Scanner V4 general availability (GA)
- Compliance enhancements
- Hardening Red Hat Advanced Cluster Security integrations
Additional Red Hat Advanced Cluster Security platform updates include:
- Red Hat Advanced Cluster Security on Red Hat OpenShift Service on AWS (ROSA) hosted control planes (HCP)
- Built-in email notifier in Red Hat Advanced Cluster Security Cloud Service
- Extended Github action support in roxctl
As always, you can find more information about the release in the Red Hat Advanced Cluster Security documentation and release notes, and you can explore the new SaaS version of Red Hat Advanced Cluster Security through the 60-day, no-cost trial.
Vulnerability management 2.0 (GA)
The new Red Hat Advanced Cluster Security vulnerability management 2.0 dashboard enhances the vulnerability management workflow. With Red Hat Advanced Cluster Security 4.5, this dashboard is now generally available and integrates exception management, vulnerability reporting, and the workload CVEs page into the vulnerability management 2.0 framework, while retaining the original dashboard during the transition period.
The graduation of the vulnerability management 2.0 dashboard signifies the consolidation of all underlying dashboards into a unified vulnerability management dashboard.
Key features in vulnerability management 2.0 include:
- Platform and node CVE workflows tab, providing identical functionality as the previous vulnerability management dashboard.
- Enhanced filtering capabilities have been implemented, allowing for the prioritization of remediation by focusing on fixable critical and important CVEs.
- Administrators can discover CVEs and prioritize remediation efforts through namespace views to help manage multi-tenant environments.
This updated dashboard aims to enhance user capability by identifying vulnerabilities and their specific locations with increased speed and efficiency. It also provides clearer differentiation between CVEs associated with nodes, platforms and workloads.
Vulnerability scanner V4 general availability (GA)
In version 4.4, we introduced a substantial update to core vulnerability management workflows with the release of Red Hat Advanced Cluster Security scanner V4 in tech preview (TP). Red Hat Advanced Cluster Security scanner V4 merges the previous StackRox scanner with the upstream Clair V4 scanner from Red Hat Quay, delivering consistent scan results across offerings, broader language and operating system support, and access to an expanded vulnerability database built from the following sources: Red Hat’s vulnerability feed, osv.dev, NVD and more.
Red Hat Advanced Cluster Security scanner V4 is now generally available and fully supported in version 4.5. To ensure a seamless transition, users must explicitly enable it via the Red Hat Advanced Cluster Security Operator or Helm chart deployment options.
For more information about enabling the Red Hat Advanced Cluster Security scanner V4, see:
- “Scanner settings” in installing RHACS on Red Hat OpenShift.
- “RHACS Scanner V4” in installing RHACS on other platforms.
Compliance updates
Compliance Operator and Red Hat Advanced Cluster Security are tightly integrated to help enable customers to meet their OpenShift platform and node compliance requirements. The integration allows OpenShift users to monitor the technical controls from CIS, NERC-CIP, NIST-800-53, DISA STIG, or PCI-DSS compliance benchmarks that are critical to your operations.
The 4.5 release introduces enhanced integration with the OpenShift Compliance Operator. In Red Hat Advanced Cluster Security 4.5, you can:
- Generate weekly, daily, and hourly compliance reports for multiple OpenShift clusters simultaneously.
- Summarize compliance results for a specific profile across clusters.
- Streamline reporting workflows for compliance auditors with benchmarks and controls.
These new features and updates are under the Compliance tab in your RHACS dashboard. For more information, see the RHACS documentation.
Bring your own public key infrastructure with Cosign signature verification and enforcement
To enhance supply chain security, ensure provenance and implement SLSA-focused guardrails, Red Hat Advanced Cluster Security now supports the integration of custom public key infrastructure (PKI) with Cosign signature verification.
Red Hat Advanced Cluster Security has supported the Cosign project and integration for several years, offering flexible policies and seamless integration with Cosign. Red Hat Advanced Cluster Security 4.5 has added support for verifying Cosign signatures that are backed by an organization’s existing PKI infrastructure.
Red Hat Advanced Cluster Security incorporates these fundamental updates through its existing Cosign integration and provides customers with policy functionality, notifications and enforcement mechanisms during deployment to bolster provenance, further helping organizations meet their provenance objectives.
Try out the new updates, at no cost, for 60 days with Red Hat Advanced Cluster Security Cloud Service
The Red Hat Advanced Cluster Security team is continuously identifying how we can improve the offering to fit our users’ unique needs. If you want to check out these features yourself, sign up for our 60-day, no-cost trial today!
저자 소개
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.