CloudForms in AWS Summary and recap

For the last few posts Laurent Domb has been explaining how to squeeze CloudForms and AWS integration by teaching you how to:

  • Upload the CF images to AWS
  • Create all the needed config files in AWS
  • Deploy CF on AWS
  • Configure the new in 4.6 SmartState Analysis (SSA)
  • Use that SSA to add a compliance policy to an instance
  • Use AWS authentication in CF

 

You can find the blog posts here:

Please let us know what are your thoughts and which other series would you like to read in the blog

CloudForms in AWS part 4

In this post of our series, we will demonstrate what we did in the previous sections in which we configured AWS and CloudForms, to run a SmartStaty analysis to automatically resolve a vulnerability in Java

In the video, I will:

  • Perform a SmartState Analysis (SSA) in my instance
  • Review the SSA process
  • Add a compliance policy to the instance
  • Execute the policy
  • Verify the remediation action
  • Validate the auto-remediation

CloudForms on AWS Part 1 (Series)

Ever wondered what CloudForms can do for you in AWS? The next few blog posts will walk you through step by step how to upload the CloudForms image to AWS, how to assign the correct policies and roles and how to configure it correctly so it can discover your environment. Part 1 is dedicated to the import and configuration of the CloudForms image.

With the release of CloudForms 4.6 you also have the ability to scan instances in AWS. These blog series will show you how this can be achieved:

Continue reading “CloudForms on AWS Part 1 (Series)”

Ensuring Container Image Security on OpenShift with Red Hat CloudForms

In December 2016, a major vulnerability, CVE-2016-9962 (“on-entry vulnerability”), was found in the Docker engine which allowed local root users in a container to gain access to file-descriptors of a process launched or moved into the container from another namespace. In a Banyan security report, they found that over 30% of official images in Docker Hub contain high priority security vulnerabilities. And FlawCheck surveyed enterprises asking for their top security concern regarding containers in production environments. “Vulnerabilities and malware,” at 42%, was the top security concern among those surveyed. Clearly security is a top concern for organizations that are looking to run containers in production.

At Red Hat, we are continuously improving our security capabilities and introduced a new container scanning feature with CloudForms 4.2 and OpenShift 3.4. This new feature allows CloudForms to flag images in the container registry in which it has found vulnerabilities, and OpenShift to deny execution of that image the next time someone tries to run that image.

Continue reading “Ensuring Container Image Security on OpenShift with Red Hat CloudForms”