Use of container technology solidifies Red Hat’s DevSecOps approach amid intensifying threats toward IT

Through DevSecOps, Red Hat builds in security across the entire stack, preserving its differentiation in the security space

In today’s IT landscape, security is often overlooked in many DevOps and Agile models, yet for some, it is becoming a priority. Put simply, DevSecOps takes DevOps to the next level, tightly integrating security in every stage of the product lifecycle to ensure a secure technology stack. While containers are not imperative for DevSecOps, the technology greatly improves efficiency and aids in implementing the process at scale. Red Hat demonstrates this approach via its hybrid cloud, enterprise Kubernetes platform, OpenShift. Essentially an enterprise version of Kubernetes, Red Hat OpenShift delivers a cloud-like, managed application platform, across on-premises and public cloud environments. Red Hat has taken a holistic approach to DevSecOps, securing every layer of the stack from the OS to microservices. TBR believes this approach has allowed Red Hat to position its security portfolio as one that will encourage adoption of OpenShift and containers in general, as automation tools help customers manage IT with process scalability, system response and compliance:

• Red Hat Ansible Automation – Ansible is Red Hat’s enterprise automation platform that provides a universal IT automation language that can be used to build and operate automation at scale. Red Hat introduced Ansible integrations with third-party security tools, such as IBM QRadar and Splunk to help security operations centers quickly respond to threats. As such, Ansible users can automate and integrate different security solutions that can respond to threats across the enterprise using a curated collection of Ansible modules, roles and playbooks.
• Red Hat Satellite – Red Hat Satellite is an infrastructure management product specifically designed to manage Red Hat environments at scale and keep RHEL and other Red Hat infrastructure environments running securely and compliant to both industry and custom security standards.
• Red Hat Insights – Insights is Red Hat’s SaaS-based predictive analytics engine that analyzes registered Red Hat-based systems across physical and virtual environments. In addition, Insights provides users with Ansible remediation playbooks to fix issues; Insights is included with all RHEL subscriptions.

On Dec. 12, 2019, Red Hat and co-sponsor, Intel, hosted the Red Hat Security Summit in Waltham, MA. Key talks included: Automating security and compliance in the world of containers and hybrid cloud, Security concerns in container runtimes and Simplifying security through Red Hat Satellite and Insights. The event concluded with a hands-on workshop, providing access to Red Hat technologies and products, for discovering the importance of implementing security and compliance automation at scale in a hybrid world.