Getting Strategic About Security

In this video from the Red Hat Summit 2018, Chief Security Architect Mike Bursell takes an enthusiastic look at three open source security technologies: DevSecOps, serverless computing, and Trusted Execution Environments.

These technologies are examples of where Red Hat’s longview is aimed for the security realm.

Continue reading “Getting Strategic About Security”

Building trust in cloud computing with Keylime

The goal of the Keylime project is to connect the features of Trusted Platform Modules (TPMs) and cloud computing. Keylime is a scalable trusted cloud key management system, providing an end-to-end solution for both bootstrapping hardware-rooted cryptographic identities for Infrastructure-as-a-Service (IaaS) nodes and for system-integrity monitoring those nodes via periodic attestation. Keylime extends the attestation capabilities of the TPM into the cloud, allowing tenants to verify that their applications, operating systems, and everything down to the hardware have not been tampered with.

A TPM (Trusted Platform Module) is a chip, present in most modern computers, that can perform various cryptographic statements in a tamper-proof fashion. In particular, through UEFI secure boot, a TPM can be used to verify at boot time that anything from the firmware up through the kernel and applications has not been modified from what the distributor originally shipped.

Continue reading “Building trust in cloud computing with Keylime”

Introducing the Red Hat Summit Office of the CTO Sessions

At the first signs of Spring, all Red Hatters turn at least one eye toward Red Hat Summit. Over the years, we’ve had many conversations with attendees about what kind of information and perspectives they’d like to hear at Summit. We learned that attendees appreciated the actionable technical information they received, but that they were interested in getting some insight into Red Hat’s point of view on emerging technology trends and their thoughts on the future.  That was the motivation behind a new set of sessions from the Office of the CTO that we’re very excited to announce.

Continue reading “Introducing the Red Hat Summit Office of the CTO Sessions”

The Long View on Blockchain

Blockchain is everybody’s latest buzzword–right up there with AI and IoT–but what does it mean, and how is it relevant to the enterprise?

The answer to those questions is likely “a lot,” but before we get to that, let’s define what a blockchain is–and isn’t.

Continue reading “The Long View on Blockchain”

Open Source Strength Within Distributed Weakness Filing

If you could visualize the code that comprises our current technology landscape, you might imagine in your mind’s eye a glowing field of interconnected lines with bright bits of information flowing along the lines’ paths. Here and there, you might see flaws in the network–places where human error have introduced gaps and openings among the lines.

Continue reading “Open Source Strength Within Distributed Weakness Filing”