Red Hat Security Blog: March 2017 archives

  • Changes coming to TLS: Part One

    Transport layer Security version 1.3 (TLS 1.3) is the latest version of the SSL/TLS protocol which is currently under development by the IETF. It offers several security and performance improvements as compared to the previous versions. While there are several technical resouces which discuss the finer aspects of this new protocol, this two-part article is a quick reference to new features and major changes in the TLS protocol. Faster Handshakes In TLS, before data can be encrypted, a secure...
    Posted 2017-03-29T13:30:00+00:00 - 0
  • Customer security awareness: alerting you to vulnerabilities that are of real risk

    Every day we are bombarded with information. Something is always happening somewhere to someone and unfortunately it's rarely good. Looking at this through the lens of information security, NOT getting the right details at the appropriate time could be the difference from stopping and blocking an attack, or being the next sad, tragic headline... Red Hat Product Security oversees the vulnerability remediation for all of Red Hat's products. Our dual mission of governing guidelines and standards...
    Posted 2017-03-22T13:30:00+00:00 - 0
  • Red Hat Product Security Risk Report 2016

    At Red Hat, our dedicated Product Security team analyzes threats and vulnerabilities against all our products and provides relevant advice and updates through the Red Hat Customer Portal. Customers can rely on this expertise to help them quickly address the issues that can cause high risks and avoid wasting time or effort on those that don’t. Red Hat delivers certified, signed, supported versions of the open source solutions that enable cost-effective innovation for the enterprise. This is the...
    Posted 2017-03-07T14:39:02+00:00 - 1
  • How Threat Modeling Helps Discover Security Vulnerabilities

    Application threat modeling can be used as an approach to secure software development, as it is a nice preventative measure for dealing with security issues, and mitigates the time and effort required to deal with vulnerabilities that may arise later throughout the application's production life cycle. Unfortunately, it seems security has no place in the development life cycle, however, while CVE bug tracking databases and hacking incident reports proves that it ought to be. Some of the...
    Posted 2017-03-02T21:00:00+00:00 - 0

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.