Security

This first article in our series describes the benefits of SELinux and how it enhances the security of applications running on the system.

How to integrate Spring Boot 3, Spring Security, and Keycloak

Muhammad Edwin

July 24, 2023

Learn how to create a sample Java application on top of Spring Boot 3 and protect it by using Spring Security and Keycloak.

An introduction to Red Hat Trusted Application Pipeline

Ian Lawson

July 18, 2023

Discover more about Red Hat Trusted Application Pipeline, a secure and easy solution for the DevSecOps outer loop.

How to deploy a MSSQL database using Ansible Vault

Deepankar Jain

July 11, 2023

This article demonstrates how to install MSSQL using Ansible Vault, an Ansible Automation Platform feature, to protect sensitive information.

A developer’s guide to secure coding with FORTIFY_SOURCE

Sandipan Roy

July 4, 2023

Learn how the FORTIFY_SOURCE feature in the GNU C library improves C code security by detecting and preventing buffer overflow, and more.

Find out how automating key cybersecurity strategies can strengthen your security and reduce burden on IT teams in this short e-book.

Explore proven strategies for protecting against security threats using automation in this short e-book.

Stop deploying applications that contain security vulnerabilities

This short guide introduces key principles, tools, and techniques you need to know to better audit and act on vulnerabilities in open source software.

Learn how to use the Red Hat OpenShift Data Science platform and Starburst to develop a fraud detection workflow with an AI/ML use case.

4 essentials to prevent OS command injection attacks

Sandipan Roy

March 29, 2023

Learn about OS command injection attacks and 4 essential best practices to prevent them.

How to configure SOAP web services with Apache Camel

Michael Thirion

March 28, 2023

Learn how to configure SOAP web services with the Red Hat build of Apache Camel and Quarkus.

10 tips for writing secure, maintainable Dockerfiles

Anthony Gimei

March 23, 2023

Learn how to write a secure and maintainable Dockerfile with these 10 tips and best practices.

Our advice for configuring Knative Broker for Apache Kafka

Matthias Wessendorf

March 8, 2023

This article discusses configuration best practices and recommendations for the Knative Broker implementation for Apache Kafka, which is now GA.

5 global environment variables provided by OpenShift GitOps

Gerald Nunn

March 6, 2023

Learn about 5 global-level environment variables that OpenShift GitOps offers organizations to tailor their experience.

Learn about the RHEL image builder improved functionality and security, now available in RHEL 9.1 and 8.7.

Create groups so your automation hub users have appropriate system permissions, or grant view-only access to unauthorized users.

Discover how to improve application and library security at the source with _FORTIFY_SOURCE macro defined to 3 and how it impacts performance.

How to prevent broken access control

Sandipan Roy

December 8, 2022

Learn techniques to secure applications and prevent break-ins and data theft.

Cryostat 2.2's new JMX credentials keyring

Andrew Azores

December 7, 2022

In Cryostat 2.2, security credentials are more flexible and can be reused across many different applications.

As we head into Thanksgiving, we want to share some of the top tutorials, announcements, and guides that our developer community has engaged with the most.

Learn about static application security testing (SAST) and how it improves software security.

Interactions between libraries can cause embarrassing crashes during shutdown, but OpenSSL provides a robust shutdown procedure.

10 essentials to mitigating API security risks

Vamsi Ravula

October 20, 2022

Discover 10 essential solutions and tools to mitigate security risks throughout each step of the API life cycle.

File-based Kafka Connect scenarios with end-to-end encryption

Hans-Peter Grahsl

October 11, 2022

Learn how Kryptonite for Kafka's SMT can help you encrypt and decrypt individual field records in a granular way when building data integration scenarios on top of Kafka Connect.