OpenShift blog

    June 3, 2021

    CVE-2021-30465 Mitigated by Default in OpenShift

    The ultimate goal of almost every hacker is to go up. To step up. To grab root, and use it to go higher or lower on the stack, depending upon your perspective. That first foothold is the key element ...

    Alex Handy

    May 19, 2021

    How to Use HashiCorp Vault and Argo CD for GitOps on OpenShift

    To allow for more secure GitOps practices, sensitive data should should never be stored in Git. This presents a bit of a conundrum for GitOps, we need the secrets in Git... but we do not want to ...

    Phil Moses

    March 25, 2021

    DevSecOps is the Way: Monthly OpenShift Security Series

    Starting March 2021 the Red Hat Security Ecosystem team is happy to announce our monthly OpenShift series, “DevSecOps is the Way” In this series you will learn how Red Hat weaves together DevOps and ...

    Dave Meurer

    February 21, 2021

    Demystifying DevSecOps - Everything You Must Know to Get it Right

    The rapid emergence of modern software development initiatives, public cloud services, and cloud-native tools such as Kubernetes and containers has accelerated the seminal move towards DevOps ...

    Wei Lien Dang

    February 12, 2021

    DevOps vs. DevSecOps - Here’s How They Fit Together

    DevOps, DevSecOps, shift-left, security posture, cloud native, etc. Chances are you’ve heard these terms or similar buzzwords when discussing modern application development life cycles. These new ...

    Michael Foster

    October 15, 2020

    6 Kubernetes Security Use Cases You Must Prioritize

    Organizations are rapidly moving their Kubernetes applications to production to accelerate feature velocity and drive digital transformation and business growth. Our latest State of Kubernetes ...

    Ajmal Kohgadai

    October 10, 2020

    Protecting Kubernetes Against MITRE ATT&CK: Impact

    The final part of our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – analyzes a set of techniques that fall under the category known as ...

    Wei Lien Dang

    October 1, 2020

    Protecting Kubernetes Against MITRE ATT&CK: Lateral Movement

    The eighth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – examines lateral movement. Following a breach, an attacker ...

    Wei Lien Dang

    August 13, 2020

    Protecting Kubernetes Against MITRE ATT&CK: Discovery

    Part seven of our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – examines the technique known as Discovery. The tactics in this ...

    Wei Lien Dang

    July 27, 2020

    Protecting Kubernetes Against MITRE ATT&CK: Defense Evasion

    The fifth installment in our nine-part blog series – where we examine each of the nine MITRE ATT&CK tactics and techniques for Kubernetes – covers Defense Evasion, a grouping of techniques focused on ...

    Wei Lien Dang

    August 1, 2019

    Istio Security: Running Microservices on Zero-Trust Networks

    In our previous blog post about the Istio service mesh, we provided an overview of Istio’s features and capabilities and why you may (and sometimes may not, at least not yet) want to use it as a ...

    Karen Bruner

    June 20, 2019

    Getting started with Istio Service Mesh - What is it and What Does it Do?

    Anyone who has even a passing interest in Kubernetes and the cloud native ecosystem has probably heard of Istio. Getting a clear description of what exactly Istio is, what it can (and can’t) do, and ...

    Karen Bruner