Red Hat introduced new levels of cross-portfolio security capabilities to allow organizations to boost their security postures and adopt DevSecOps. The new capabilities aim to help organizations mitigate risks and meet compliance requirements across IT environments that mix cloud services, traditional systems, and edge devices. With these enhancements, Red Hat intends to reduce the complexity and improve organizations’ security posture.
Enhancing supply chain security
Red Hat’s new software supply chain security pattern delivers complete stacks as code and defines, builds, and tests the necessary software configurations. The pattern, available as a preview, brings the necessary components to architect cloud-native applications from trusted components together. It uses a Kubernetes-native, continuously-integrated pipeline through Red Hat OpenShift Pipelines and Red Hat OpenShift GitOps.
Red Hat also unveiled a technical preview of Ansible content signing technology in Red Hat Ansible Automation Platform 2.2. It enables automation teams to validate that the automation content being executed in their enterprise is verified and trusted to help with software supply chain security. Vincent Danen, Vice President of Product Security at Red Hat said,
« This is Red Hat’s commitment to DevSecOps – making security not something bolted on, but a seamless integral part of moving applications from development to production to assist IT teams, both technically and organically. »