Security

Securing distributed software systems might seem more complex than ever, but the working principles of good software security haven't really changed.

Security and authentication strategies for apps on Kubernetes | DevNation Tech Talk

Keeping Kubernetes secrets secret | DevNation Tech Talk

Learn how IBM Security Verify provides advanced authentication to Red Hat SSO environments while also balancing id-less and password-less experiences.

Configure a keystore for a Java-based web service or HTTP endpoint, and a truststore for a web service client, HTTP client, or messaging client.

Discover the design principles and performance improvements behind GCC's code generation strategies for defending against stack clash attacks.

Discover the new -fanalyzer option coming to GCC 10 that provides a static analysis pass to identify problems at compile-time, rather than at runtime.

JSON Web Tokens (JWT) are a web standard–RFC 7519–but using them with Eclipse MicroProfile may be a mystery. This cheat sheet by Red Hat Senior Software Engineer Martin Stefanko will help you get moving immediately.

Learn how to enable the use of multiple Ansible vault passwords through vault IDs to encrypt a file and a string.

Learn how to generate a JWT token and then validate it using API calls, so Keycloak's UI is not exposed to the public.

Find out how NGINX can act as a reverse proxy server for back-end applications, which can be hosted on an enterprise application server.

We show a practical example on how to secure modern applications and microservices with Red Hat Single Sign-On, Fuse and 3scale.

How to sign and verify signatures of container images using podman and skopeo

The basic steps of container security involve securing the build environment, securing the container hosts, and securing the content running inside.

See how the keycloak-saml adapter can be configured in the place of Picketlink to enable SAML-based authentication with a third-party identity provider.

We show how to simplify SSL certificates using Let's Encrypt with Apache httpd on Red Hat Enterprise Linux 7.

Learn how Keycloak can help you secure your microservices in this video demonstration from Sebastien Blanc.

Instructions in the NOP space are an attractive way to provide new performance and security features; we show how to use them effectively.

Quay.io is a container image repository that automatically scans your images for security vulnerabilities. Learn how to use this powerful feature.

We share some recent improvements for go-toolset, including a feature that lets Go call into a FIPS 140-2 validated cryptographic library.

A DevNation Live session - Easily secure your cloud-native microservices with Keycloak

In this article, we'll show how you can access Linux services remotely from .NET using SSH port forwarding.

The key steps for installing Red Hat Enterprise Linux 8 as a VirtualBox VM to get you started with software development.

This article covers how the -fstack-check capability in GCC works and explains why it is insufficient for mitigating Stack Clash attacks.