Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Approaching security and compliance with OpenShift 4


Published on

Containers have become a compelling technology for realizing the full potential of agile, DevOps, and GitOps. Enterprises are increasingly using container application platforms to deliver workloads in support of different business capabilities. The speed with which applications can be deployed, modified, and managed presents security challenges and increased attack vectors from internal and external actors. Enterprises and agencies must try to secure their containers, orchestration platforms, and underlying infrastructure to guard against these threats.

Fortunately, there are processes, procedures, and technologies that can add security to Red Hat® OpenShift® 4, its underlying platform, and container workloads running on top of it. In this session, we’ll discuss security for the platform and the deployed containers. We’ll cover:

Security concerns.
Compliance issues.
Layers of security.
Hardening approaches.

Live event date: Wednesday, November, 6, 2019 | 2 p.m. ET

On-demand event: Available for one year afterward.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Approaching security and compliance with OpenShift 4

  1. 1. Approaching Security and Compliance with OpenShift 4 Khary Mendez, RHCA Principal Consultant Greg Tinsley, RHCA Senior Consultant
  2. 2. The Hybrid Cloud
  3. 3. Agile Integration DevOps GitOps Cloud-Native Possibilities Automation Distributed Systems Artificial Intelligence
  4. 4. Digital Transformation
  5. 5. OpenShift Containers The Application Kubernetes Cloud Orchestrator
  6. 6. The Elephants Security Compliance
  7. 7. Survey 1 Thinking back to the last project that you worked on, at what point was security addressed? a) At the beginning b) In the middle c) Towards the end d) Never e) Throughout, from beginning to end
  8. 8. Cloud Security Data Network Hosts Access
  9. 9. Security Mindset Control Defend Extend
  10. 10. Compliance PII Non-repudiation Privacy
  11. 11. Container Revisited
  12. 12. OpenShift 4 Network Isolation Network policy plugin, ISTIO service mesh Logging Log aggregation stack, audit logging Red Hat CoreOS Immutable operating system Identity and Access Management Role Based Access Control, Single Sign-On
  13. 13. Survey 2 Since OpenShift has security built into the product, is there anything else that needs to be done to satisfy an organization’s Security and Compliance requirements? A) Yes B) No
  14. 14. Responsibility
  15. 15. Irresponsibility
  16. 16. Red Hat Universal Base Image (UBI)
  17. 17. Trusted Container Supply Chain
  18. 18. Application Build Pipeline
  19. 19. Access Control Subject Object
  20. 20. Role-Based Access Control
  21. 21. Recap Hybrid Cloud Security Compliance OpenShift 4 Trusted Image Supply Chain RBAC
  22. 22. Next Steps -framework/operator -sdk Planning/Discovery Session developers.redhat.con / CRC
  23. 23. -hat user/ RedHatVideos redhatinc RedHat Red Hat is the world’s leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500. Thank you