The RHEL root trust store and why it matters for security

In the perilous realm of digital security, trust is fragile. Transport Layer Security (TLS) web server authentication relies on trust anchors, but a flaw in the design puts web entities at risk of malicious impersonation. This article explores the origin of certificates in the RHEL root trust store and […]

Compliance is NOT Security

The Problem with Security and Compliance Mixture When talking to customers or colleagues, I often see two distinct topics being conflated: Compliance and (IT-) Security. Some customers have requirements they say MUST be fulfilled. When asked what their goal with this requirement is, they cannot elaborate the intention. They often fall back into saying that […]

Software Supply Chain Security

What is Software Supply Chain Security? In this day and age most of us are looking for trust and security. This is also true for our IT infrastructure as challenges from the outside grow more and more dangerous to the continuation of undisturbed business. Attacks on the IT infrastructure of companies not only rise […]

How often do you patch?

Historically, there have been two schools of thought about patching: patch as soon as a patch is available to eliminate security risks, versus testing the patch extensively before it is applied to production systems (aka “Never change a running system”). One of the main reasons why you might feel the need to patch […]

You’ve written a Kubernetes-native Application? Here is how OpenShift helps you to run, develop, build and deliver it – securely! (1/4)

This blog kicks off a series of 4 blog articles. They will all be available here, as soon as they get published. Run: Get your Angular, Python or Java Dockerfile ready with Red Hat’s Universal Base Image and deploy with Helm on OpenShift Develop: The Inner Loop with OpenShift Dev Spaces Build: From upstream Tekton […]

State of the art end-to-end automation

How to achieve sound and compelling governance for handling change requests, incidents and problem tickets in a DevSecOps scenario, based on the authors’ field experience with end-to-end automation.

Securing “Layer 8”

Being a life-long techie, I’ve been working with the Open Systems Interconnection (OSI) model for over 30 years in various organisations and it is a tried and tested model on which all modern networks are based. I’ve also worked to secure each layer to ensure that communication and data transfer mechanisms conform to the well […]

Protecting your Red Hat Mobile Apps with Red Hat SSO

This post demonstrates how you can protect your mobile apps and add OpenID Connect-based single sign-on by integrating Red Hat Mobile with Red Hat SSO. The adapters provided by the Keycloak upstream project can be used for handing over user authentication to Red Hat SSO instead of building your own OIDC clients. […]
