Linux

Controlling software supply chain security will require new tools, automation and vigilance

Recently I had the opportunity to join a few other Red Hatters to talk about software supply chains with SiliconAngle. They did a writeup, "Controlling software supply chain security will require new tools, automation and vigilance", that was great and included the full series of videos.

The interview I did with Luke Hinds can also be seen on YouTube: Vincent Danen and Luke Hinds, Red Hat | Managing Risk In The Digital Supply ...


Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk

Published on the Red Hat blog, noting here that Curated, tested and supported: How enterprise vendors mitigate open source supply chain risk was posted yesterday. It's an article that talks about supply chain risk and associated costs -- after all, no software is truly "free" (which is why we prefer the term open source to free software). So where is that cost paid? The article explores that.

It also has a ...



Interview about CVSS

I was recently interviewed by my friend Jack Wallen (whom I've known for 20 years as he actually coerced me to start writing for TechRepublic ages ago!). It was about a topic near and dear to my heart: CVSS (or Common Vulnerability Scoring System). With the explosion of security scanning vendors, particularly around containers, the reliance on and misunderstanding of CVSS has been a thorn in my side.

I don't often blog about challenges at ...


What Makes Red Hat Enterprise Linux So Secure (Video)

I had a great opportunity this summer to be interviewed by TelecomTV. It feels a little weird to post this here since I don't typically "self-promote" in any way, however this was a neat experience and I think the points are good. If you've been looking at my blog for any length of time you know I don't typically write directly about the things I do at Red Hat, but since this ...


Periodic security reviews (and a bit of a rant)

Today marks one month that my "work time" is 100% devoted to Red Hat; last month I "retired" from any of the IT/web work for my church that I've been doing for the last 12 or so years. It's been an interesting month being able to spend time on things that I want to spend on outside of regular Red Hat work hours. =) My rediscovered and available time has been spent ...


Getting started with firewalld

I'm mostly writing this for my own reference as I spent a bunch of time figuring this out while I was on holidays with some serious oVirt misadventures and didn't document any of what I did, so since I had to reinstall CentOS 7, I'm stuck doing this all over again.

Effectively I'm migrating from CentOS 6 to CentOS 7 and trying to take advantage of the new way of doing things. I could easily ...


Learn to use extended file attributes in Linux to boost security

This week's TechMail is "Learn to use extended file attributes in Linux to boost security", which takes a look at using chattr, getfattr, setfattr, getfacl, and setfacl: tools that can be used to offer more granular security to files and directories. Being able to use SELinux or GrSecurity, AppArmor, and other security enhancements to the kernel is great, but they're not always available and not always easily configurable. These tools take you ...
