Security

Learn more about OCP Security

Introduction

OpenShift is often described as being “secure by default”. In this section, you will explore some of the reasons behind that designation.

Security Domains in OCP

RHACS

SC & SCCs

Security Contexts and Security Context Constraints

See the lab & course

DAST/SAST/Image Scanning

See the lab & course

Compliance in OCP

There are a number of aspects to OCP focused around Compliance, from default configurations, ACS add-ons, and optional integrations. One example is the OpenShift Compliance Operator, based on OpenSCAP.

A Guide to OpenShift Compliance Operator Best Practices
Your Guide to security hardening OpenShift using the compliance operator

References

DevSecOps is the Way: Monthly OpenShift Security Series

OCP Image Scanning

Image Vulnerability and Config Scanning in OCP

OCP SCCs

Security Context Constraints in OCP

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.

Last modified September 8, 2023: loadbalancer (e0d5315)