Lucy Kerner, Security Global Technical Evangelist and Strategist at Red Hat, will be making a return appearance at the Atlanta RHUG. Some of you will remember what a great session she gave last year, and this year will be even better. Lucy will be speaking on Red Hat Security, then turning you loose (with guidance) on one or more of the following labs, which she and her team presented at Summit 2019 (descriptions below):
- Creating Customized Security Policy Content to Automate Security Compliance
- Implementing Proactive Security and Compliance Automation and DevSecOps
- Defend Yourself Using Built-in Red Hat Enterprise Linux Security Technologies
*Lab participants must bring a laptop to the event with an SSH client and web browser (Firefox with plugins disabled recommended).
Hope you can join us!
Creating Customized Security Policy Content to Automate Security Compliance
This lab will introduce you to the ComplianceAsCode project, the ultimate tool that creates content for automated security tools. The project contains over one thousand rules, which are the elements of security policies. Rules have descriptions, justifications, and references to existing security standards. They also have Open Vulnerability and Assessment Language (OVAL) checks, Bash remediations, and Ansible content to a varying degree.
ComplianceAsCode enables automated evaluation and fast and efficient remediations against security controls for compliance with regulatory or custom profiles and for automated configuration compliance. It allows you to produce a tailor-made security policy for your company with minimal effort, and the OpenSCAP ecosystem can do the scanning and support for problem resolution. Specifically, OpenSCAP is a National Institute of Standards and Technology (NIST) certified scanner designed to perform configuration and vulnerability scans on a system, to validate security compliance content, and to generate reports and guides based on these scans and evaluations.
Implementing Proactive Security and Compliance Automation and DevSecOps
In this hands-on lab, you’ll learn how to implement security and compliance automation at scale for infrastructure, operations, and applications across a hybrid environment, in a controlled way, using a combination of various Red Hat products and technologies. Specifically, you will go through a series of exercises that will show you how, from a central place, you can: create and enforce control policies in an automated way, perform automated security scans and remediations for various security profiles and security controls, do proactive security and automated risk management, implement automated web application hardening, and more. The goal of this lab is to introduce you to a variety of Red Hat products that can help you with proactive security and compliance automation for infrastructure, operations, and applications across a hybrid environment. We will demonstrate the power and flexibility of using either one or a combination of Red Hat products to help you with various security and compliance automation use cases.
Defend Yourself Using Built-in Red Hat Enterprise Linux Security Technologies
In this lab, you’ll learn how you can build defense-in-depth in the OS by implementing the key security technologies available to you in the latest version of Red Hat Enterprise Linux.
You will implement security at all layers, in a defense-in-depth approach, to build a strong foundation to proactively defend against possible security attacks and breaches. You will ensure security compliance by using technologies such as OpenSCAP, Audit, AIDE, session recording, and system-wide crypto policies. You will implement physical security with technologies such as USBGuard and add network security with technologies such as firewalld, SELinux port security, and IPsec. You will implement access management with Ansible system roles, Identity Management, and SELinux process isolation. You will implement data security with Linux Unified Key Setup (LUKS), Network Bound Disk Encryption, and GNU Privacy Guard.
More about Shadow-Soft
Shadow-Soft is a systems integrator with a rich open source history. Our team of strategists and engineers help organizations navigate their technology journey with confidence. Hundreds of customers rely on Shadow-Soft to solve business problems with solutions that span culture, process, and technology. Learn more at shadow-soft.com