Life can be good with open source — so, went the title for one of my recent blogs after a recent ransomware attack that had apparently compromised critical systems and applications at a medical facility. The point of this article was that enterprise solutions are safer and better prepared for such attacks with timely patches and upgrades to the tools and technologies used.
That being said, it is also important that said tools and technologies are intrinsically secure across all architectural layers of these solutions. ‘Adversaries R Us’ do not necessarily have a top down, layer based approach to planning their next attack. The most vulnerable opening is the best point of attack — no matter which layer it is in — could be the underlying operating system, the virtualized environment, the authentication mechanism — you name it, they got it!
Thus, it is vital that all solution layers have security mechanisms built into them. Even better, the underlying products and tools must have such features intrinsically enabled.
There are four simple questions that come to mind as I review these session abstracts.
- Are we on secure ground?
- Who are we dealing with?
- Are we following the regulations that matter?
- What lies ahead?
And here is how the Security track at the Red Hat Summit addresses these questions.
Q.1. Are we on secure ground?
- Platform. Are you listening to what SELinux is telling you? Asks Mr. SELinux (Dan Walsh, Red Hat principal security engineer) about one of the key security features within Linux. Well known among system administrators, it is not activated as often as it should be in production. You will get a first hand perspective on activating SELinux and hearing about implementation challenges and successes from IT.NRW, a German government IT service provider.
- Virtualization. Rapid adoption and growth of virtualization over the past few years has led to increased complexity and risks. Widely prevalent and pervasive environments are prime targets for Adversaries R Us. Hence it behooves us to get an Understanding of the security risks and mitigation across the virtualization stack. Having second thoughts? Just think about vulnerabilities like Venom (CVE-2015-3456) and AMD PCNET buffer overflow (CVE-2015-3209). In this session, Prasad Pandit and Scott Herold will review security across the virtualization stack—from the host, to the hypervisor (kvm/xen) layer, to Qemu or the guest level.
- Containers. Just because you are using containers, does not mean you are secure. Secure your enterprise software supply chain with containers is designed to help architects, developers and ops in enterprises to securely deliver containers for serious production workloads and deal with the operational challenges of patching and deploying them at scale in an automated manner. What gets packaged, delivered, and deployed in container images has become the focal point of its reliability and overall system security. Knowing what’s in your stack and having the ability to patch vulnerabilities in a timely manner is critical in running your cloud applications on containers.
Q.2. Do we know who we are dealing with?
- Are you who you say you are? Who would have thought — a few years back — that the Red Hat Shadowman logo would show up on the Microsoft Technet Blog! Global enterprises are more likely to have coexisting Red Hat and Microsoft environments. What about the identify of the users who go across these environments? Are you interested in integrating on-premise Red Hat Enterprise Linux clients and applications with Microsoft Azure Active Directory? Do you have on-premise clients or applications to move to Azure that require active directory for identity management? Well then, this session is for you: Identity management for cloud and hybrid cloud environments with Red Hat and Microsoft
- The mystic powers of Single Sign-On. Gartner VP and Fellow Massimo Pezzini asserts Shake-up your integration strategy to enable Digital Transformation. Single Sign-On is a defining aspect of an overall integration strategy. Rarely does middleware security enter the conversation, but it should. Services such as single sign-on (SSO), overall enterprise identity access controls, auditing and compliance, certifications, vulnerability management (SCAP), and others are critical to application security as well as overall enterprise IT control. The session on Middleware security: Authentication, authorization, and auditing services walks through what Red Hat is doing to provide security across its Red Hat JBoss Middleware and how Keycloak is used as an identity provider and Red Hat JBoss EAP as service provider for single sign-on, social login, federated logout and more.
Q.3. Are we following the regulations?
- Continuous compliance requires timely remediation. Compliance, security automation, and remediation with CloudForms, Satellite, and Ansible highlights how to quickly detect and remediate security and compliance issues in your hybrid, virtual, and cloud computing environments. Lucy Kerner explains how a multitude of Red Hat products — CloudForms, Satellite, and Ansible Tower can help achieve compliance, security automation, and remediation in a short time.
- Compliance is good. Automated compliance is priceless. OpenSCAP provides practical security hardening advice for Red Hat products and links to compliance requirements, making deployment activities like certification and accreditation easier. The session on End-to-end OpenSCAP for automated compliance, describes how to use OpenSCAP along with Red Hat products, like Red Hat Satellite 6, to ensure security and compliance in your enterprise. SCAP provides us a way to create machine-readable controls that can automate compliance checks.
Q.4. Where are we headed?
- Vision, solution and roadmap for identity and access management. Identity management and authentication are core elements of the security fabric that connects all layers of the modern enterprise. The Red Hat identity and access management vision, solution, and roadmap session describes Red Hat’s vision in identity and access management (IAM) – Red Hat’s identity management portfolio from a near-term perspective, and the long-term roadmap
- What lies in store for Red Hat security? Security has never been more important or a bigger topic than it is today. Red Hat has been a leader in security for more than 10 years. What is coming in the future for Red Hat Security? Attend the session on Red Hat security roadmap to find out. Incidentally, this session is by Red Hat Security Strategist Josh Bressers, who had shared his thoughts on Why Security Experts are notoriously bad at talking to (normal) people?
Those then are the sessions that call out various aspects of securing open source the Red Hat way and answer the four questions listed above.
What say you? Which of these sessions are you plan on attending? Let me know @NadhanEG.
Rest assured I will be there — eagerly awaiting a conversation with you after the session.