Compliance

Published on
April 28, 2025
All About ARF
arf scap compliance openshift rhel
ARF is the best-kept secret for better asset security control reporting. In this article I take a closer look at ARF, and how it can be used to build better reports.
Published on
October 30, 2024
Taming OpenShift Audit with RHACS
openshift audit rhacs security compliance stackrox tlog
In this article I look at some approaches to "tame" OpenShift audit and event data, and show how you can use Red Hat Advanced Cluster Security for Kubernetes (RHACS) to create immediate alerts from OpenShift audit events.
Published on
November 2, 2022
Improved Functional Verification Testing with Ansible
functional verification ansible automation security compliance
Ansible provides a way to automate functional verification tests. This article looks at an improved approach to automating functional verification tests that I introduced in an earlier article.
Published on
September 30, 2022
Functional Verification Testing with Ansible
functional verification ansible automation security compliance
Functional verification provides a way that we can attest to the configuration of a device or system, and verify compliance controls. This article looks at a functional verification approach using Ansible.
Published on
August 18, 2021
Compliance is mislabelled
compliance risk security
Compliance evokes images of checking boxes. The real purpose of IT system compliance is risk migitation, and it probably just needs a better name