The Marvin Attack is a new side-channel attack on cryptographic implementations of RSA in which the attacker decrypts previously captured ciphertext by measuring, over a network, server response times to specially crafted messages. The attacker also may forge signatures with…
Category: Red Hat Security
Reducing the significant risk of known exploitable vulnerabilities in Red Hat software
In a previous Red Hat article, VP of Red Hat Product Security, Vincent Danen, discussed the question “Do all vulnerabilities really matter?” He emphasized that “a software vulnerability has the potential to be exploited by miscreants to harm its user.”…
Security and safety of AI systems
It is hard to imagine any modern computer system that hasn’t been improved by the power of artificial intelligence (AI). For example, when you take a picture with your smartphone camera, on average more than twenty deep learning (DL) models…
ANSSI-BP-028 security recommendations updated to version 2.0
ANSSI, the National Cybersecurity Agency of France (Agence nationale de la sécurité des systèmes d’information), provides a configuration guide for GNU/Linux systems. It’s identified as ANSSI-BP-028 (formerly known as ANSSI DAT NT-028). Recently, ANSSI published an update of its ANSSI-BP-028…
Automating secrets management with HashiCorp Vault and Red Hat Ansible Automation Platform
A lot of organizations use Red Hat Ansible Automation Platform to orchestrate their infrastructure and HashiCorp Vault to manage their secrets. But how do they work together? HashiCorp Vault is a powerful tool for managing secrets, providing a centralized platform for…
Creating a Web Application Firewall in Red Hat OpenShift
In the last few years, several Red Hat customers have asked how to add a Web Application Firewall (WAF) to the OpenShift ingress to protect all externally facing applications. A WAF is a Layer 7 capability that protects applications against some…
Easily integrate Secrets Management System with Ansible Automation Platform to update systems passwords
Changing systems passwords is a common task that all systems administrators must do to keep up with all the latest security policies. Now with secrets being managed by the secrets management system, we need a way to integrate with that…
Exploring security by design and loosening guides
The concept of security by design, which includes the concept of security by default, is not new. In fact, secure by design is considered one of the fundamental principles of secure development. In general, we say there is security by…
Kentik for Ansible Automation Platform now certified with Red Hat
The Kentik Collection is now Red Hat Ansible Certified Content, and is available on Ansible automation hub. The highlight of this is Event-Driven Ansible, an event source plugin from Kentik to accept alert notification JSON. This works in conjunction with…
Automated Policy-as-Code. Start Small. Think Big.
How to get started with automated policy as code: Start small but think BIG. A policy enforcement feature is coming to future versions of Red Hat Ansible Automation Platform. This blog provides more detail around where we’re heading with this exciting…