Red Hat and Oracle announced the general availability of Red Hat OpenShift on Oracle Cloud Infrastructure (OCI) Compute Virtual Machines (VMs).
Red Hat announced that Red Hat OpenShift Service on AWS GovCloud and Red Hat Insights have achieved Federal Risk and Authorization Management Program (FedRAMP®) Agency Authority to Operate (ATO) at the High Impact Level.
With FedRAMP High authorization, organizations in highly regulated industries can address key government security and compliance requirements. US federal agencies and their contractors are now able to build, deploy and run Kubernetes-based applications on Red Hat OpenShift Service on AWS GovCloud. Additionally, with the authorization of Red Hat Insights, agencies can now monitor and manage their business, operations, and security use cases for Red Hat Enterprise Linux on AWS GovCloud using Red Hat Insights.
FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization and continuous monitoring for cloud products and services. FedRAMP introduced their High Impact Level to account for the government’s most sensitive, unclassified data in cloud computing environments, including data that involves law enforcement, emergency systems, financial systems, health systems and more. Achieving FedRAMP High indicates that Red Hat OpenShift Service on AWS GovCloud and Red Hat Insights have successfully undergone rigorous audits of critical security controls to highly-sensitive data in cloud computing environments. This news follows Red Hat OpenShift Service on AWS’s prioritization for provisional authorization through the Joint Authorization Board (JAB) last year.
Launched in March of 2021, Red Hat OpenShift Service on AWS (ROSA) is a joint, turnkey application platform from Red Hat and AWS that makes it easier for customers to build, scale and manage containerized applications on AWS.
Red Hat OpenShift Service on AWS GovCloud simplifies operations so agencies can focus on application innovation, rather than managing complex underlying infrastructure. For agencies who already use Red Hat OpenShift, the service simplifies moving on-premises OpenShift workloads to AWS and offers a tighter integration with other AWS services. With FedRAMP High, agencies can deploy highly-sensitive workloads on Red Hat OpenShift Service on AWS GovCloud with greater confidence in their ability to conform to data access and residency regulations, and to address known security vulnerabilities with applicable fixes. ROSA is backed by a Red Hat site reliability engineering (SRE) team that manages the underlying infrastructure, integrated tools and day to day operations, including automating updates, patches and upgrades.
Red Hat Insights is a predictive analytics offering as part of Red Hat Enterprise Linux subscriptions with enhanced threat visibility to enable customers to reduce risks in their hybrid cloud operating environments for a more secure IT framework. Insights for Red Hat Enterprise Linux uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying security and performance risks, reporting on subscriptions, and managing costs.
Companies with federal workloads can use Insights for Red Hat Enterprise Linux to experience the agility, flexibility and efficiency of cloud based solutions. Insights simplifies Red Hat Enterprise Linux operations by using predictive analytics and comprehensive domain expertise to assess IT environments and identify and prioritize operational and security risks, directly address identified issues, and simplify system management tasks.
Red Hat OpenShift Service on AWS GovCloud with FedRAMP High as well as Red Hat Insights with FedRAMP High are both now generally available.
Industry News
The Software Engineering Institute at Carnegie Mellon University announced the release of a tool to give a comprehensive visualization of the complete DevSecOps pipeline.
Synopsys has entered into a definitive agreement with Clearlake Capital Group, L.P. and Francisco Partners.
Postman released v11, a significant update that speeds up development by reducing collaboration friction on APIs.
Sysdig announced the launch of the company’s Runtime Insights Partner Ecosystem, recognizing the leading security solutions that combine with Sysdig to help customers prioritize and respond to critical security risks.
Nokod Security announced the general availability of the Nokod Security Platform.
Drata has acquired oak9, a cloud native security platform, and released a new capability in beta to seamlessly bring continuous compliance into the software development lifecycle.
Amazon Web Services (AWS) announced the general availability of Amazon Q, a generative artificial intelligence (AI)-powered assistant for accelerating software development and leveraging companies’ internal data.
Red Hat announced the general availability of Red Hat Enterprise Linux 9.4, the latest version of the enterprise Linux platform.
ActiveState unveiled Get Current, Stay Current (GCSC) – a continuous code refactoring service that deals with breaking changes so enterprises can stay current with the pace of open source.
Lineaje released Open-Source Manager (OSM), a solution to bring transparency to open-source software components in applications and proactively manage and mitigate associated risks.
Synopsys announced the availability of Polaris Assist, an AI-powered application security assistant on the Synopsys Polaris Software Integrity Platform®.
Backslash Security announced the findings of its GPT-4 developer simulation exercise, designed and conducted by the Backslash Research Team, to identify security issues associated with LLM-generated code. The Backslash platform offers several core capabilities that address growing security concerns around AI-generated code, including open source code reachability analysis and phantom package visibility capabilities.
Azul announced that Azul Intelligence Cloud, Azul’s cloud analytics solution -- which provides actionable intelligence from production Java runtime data to dramatically boost developer productivity -- now supports Oracle JDK and any OpenJDK-based JVM (Java Virtual Machine) from any vendor or distribution.