Category: Uncategorized

[RFC] Defense in Depth 2014

In June 2013, Red Hat sponsored a day-long event which consisted of technical workshops. This ended up being called the ‘Defense in Depth’ day, and our old webpage is still live: http://www.redhat.com/workshop/defense/ http://www.redhat.com/workshop/defense/workshops/ And as a refresher, last years ‘save the date’ announcement: https://www.redhat.com/mailman/private/gov-sec/2013-May/msg00029.html Dan Walsh flew in to speak on SELinux, Steve Grubb on […]

Read More

Creating the OpenStack Security Guide (book)

Factoring all moving components of OpenStack, the rapid release cycles, and the sheer complexity of large deployments, OpenStack security information has been decentralized and obsoleted every one or two releases (case in point: Nova networking vs Quantum Neutron). To aid the community and provide practical hardening guidance, the OpenStack Security Group aspired to create a book that […]

Read More

Don’t miss the point of the RHEL6 STIG!

There’s a DoD Directive, DoDD 8500.1, mandating the hardening of IT products prior to deployment on military networks. Per policy these hardening requirements must be issued by the Defense Information System Agency, who has responsibility for DoD’s global information grid, before technology can be deployed on military networks. That requirement is now met for RHEL6. […]

Read More

Save the Date: 26-JUNE workshops on Common Criteria KVM, RHEL6 STIG, Audit, SELinux, and Storage

This past March Red Hat and DLT hosted a day of STIG and SCAP workshops, allowing the community to get their hands on the pending RHEL6 STIG, perform scans and gain some overall familiarity with SCAP. NSA and DISA FSO joined the sessions, allowing attendees to have direct conversations with policy makers and those who […]

Read More

Interested in a RHEL6 STIG and SCAP workshop?

With the recent DISA publication of the draft STIG, the timing seems right to host a STIG workshop. NSA IAD and Red Hat will be hosting a public STIG and SCAP workshop on Tuesday 26-MAR-2013. Additionally, DISA FSO will be in attendance to hear feedback from the community. You can register here: https://engage.redhat.com/forms/stig-workshop In the […]

Read More

Draft RHEL6 STIG Released… now what?!

On 12-FEB-2013 DISA released the first public draft of the Red Hat Enterprise Linux 6 (RHEL6) STIG. Let’s play with it. Understand it. Become friends.

Read More