* [Blog](https://www2.paloaltonetworks.com/blog) * [Cloud Security](https://www2.paloaltonetworks.com/blog/cloud-security/) * [Announcement](https://www2.paloaltonetworks.com/blog/category/announcement/) * Securing Red Hat OpenShif... # Securing Red Hat OpenShift Using Prisma Cloud [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecuring-red-hat-openshift%2F) [](https://twitter.com/share?text=Securing+Red+Hat+OpenShift+Using+Prisma+Cloud&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecuring-red-hat-openshift%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2Fcloud-security%2Fsecuring-red-hat-openshift%2F&title=Securing+Red+Hat+OpenShift+Using+Prisma+Cloud&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/cloud-security/securing-red-hat-openshift/&ts=markdown) \[\](mailto:?subject=Securing Red Hat OpenShift Using Prisma Cloud) Link copied By [Hari Srinivasan](https://www.paloaltonetworks.com/blog/author/hari-srinivasan/?ts=markdown "Posts by Hari Srinivasan") Dec 10, 2020 4 minutes [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown) [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown) [OpenShift](https://www.paloaltonetworks.com/blog/tag/openshift/?ts=markdown) [Prisma Cloud](https://www.paloaltonetworks.com/blog/tag/prisma-cloud/?ts=markdown) [red hat](https://www.paloaltonetworks.com/blog/tag/red-hat/?ts=markdown) This post is also available in: [日本語 (Japanese)](https://www2.paloaltonetworks.com/blog/cloud-security/securing-red-hat-openshift/?lang=ja "Switch to Japanese(日本語)") Palo Alto Networks is a Red Hat^®^ OpenShift^®^ Ready Partner, helping organizations across government, healthcare, financial services and the intelligence community secure their cloud native environments on OpenShift. Red Hat OpenShift is an enterprise-ready Kubernetes container platform with full-stack automated operations to manage hybrid cloud and multi-cloud deployments. The Red Hat OpenShift Container Platform runs across on-premises and public cloud infrastructure, enabling a hybrid approach to how applications can be deployed as a self-managed solution. Red Hat OpenShift is available in several offerings, with specific versions for popular cloud providers. [OpenShift Dedicated](https://openshift.com/products/dedicated) is a fully managed service of Red Hat OpenShift on Amazon Web Services (AWS) and Google Cloud. [Microsoft Azure OpenShift](https://openshift.com/products/azure-openshift) 4 is also available as a fully managed offering on Microsoft Azure. It reduces operational complexity and lets users focus on building and scaling applications that add more value to the organization. ![The range of Red Hat OpenShift services. This includes hosted services such as Red Hat OpenShift Dedicated, Red Hat for Microsoft Azure and Red Hat for IBM. It includes self-managed services such as Red Hat OpenShift Container Platform. Registry services include Red Hat Quay Container Registry, and operating systems include Red Hat Enterprise Linux (RHEL), Red Hat Enterprise Linux CoreOS (RHCOS), and Red Hat Universal Base Image (UBI).](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/08/Red-Hat-OpenShift-Services.png) The range of Red Hat OpenShift services. Prisma Cloud is the industry's [most comprehensive](https://www.paloaltonetworks.com/blog/prisma-cloud/cloud-native-security-platform-2/) Cloud Native Security Platform (CNSP) that provides security protection for organizations building and deploying on Red Hat OpenShift environments. Prisma Cloud is consumable via a SaaS console or as a native OpenShift application, which includes support for fully air-gapped environments. ## A Strong Partner with Red Hat The Palo Alto Networks connection to Red Hat goes back to Twistlock, which was acquired by Palo Alto Networks in July 2019 and is now [fully integrated](https://www.paloaltonetworks.com/blog/prisma-cloud/cloud-native-security-platform/) as part of Prisma Cloud. Twistlock provided an open source contribution to the Docker authorization plugin as part of OpenShift and supported dozens of customers using OpenShift in product development. Prisma Cloud's compute security capabilities cover: #### Vulnerability Detection and Prevention Identify vulnerable images and prevent them from deploying across your environment, with alerting and enforcement policies covering the entire CI/CD process. Prisma Cloud uses Red Hat-specific vulnerability data, resulting in incredibly precise, layer-aware vulnerability analysis with high accuracy. #### Compliance Management Users can easily monitor compliance for Docker, Kubernetes and Linux against [CIS Benchmarks](https://www.paloaltonetworks.com/blog/2020/08/cloud-cis-controls/), as well as external compliance standards and custom requirements. #### Advanced Threat Intelligence Use aggregated vulnerability information from more than 30 sources along with our internal threat labs, including built-in coverage of Red Hat CVEs directly from the Red Hat OVAL feed, and custom-developed and tested seccomp policies for common OpenShift workloads. #### Runtime Defense Protect OpenShift environments at scale with machine learning that automatically creates runtime models for every image deployed in every pod in OpenShift, hunts for anomalies and automatically prevents breakouts/attacks. #### Cloud Native Firewalls Visualize applications and protect against any Layer 4 network attacks by whitelisting inter-pod and service communication. Automatically detect and prevent threats to applications with a Layer 7 web application firewall. #### Access Control Establish and monitor access control measures for OpenShift clusters, Docker and Kubernetes while integrating with identity and access management (IAM) and secrets management tools, along with other core technologies. #### Open Container Standards Support Support open container standards like runC and containerd, and work with runtimes including Docker, cri-o and cri-containerd. ## New Red Hat-certified Prisma Cloud Operators Red Hat certified the updated Prisma Cloud operators, which are now available in the Red Hat [catalog](https://access.redhat.com/containers/#/registry.connect.redhat.com/prismacloud/compute-console-operator) and in the open source Kubernetes [operators hub](https://operatorhub.io/operator/prisma-cloud-compute-console-operator). You can easily click and deploy Prisma Cloud with the operator from inside your OpenShift Container Platform portal. Documentation explains [how to install](https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_openshift) the operator and the console on your OpenShift clusters. #### Support for OpenShift 4.x Versions With the latest release, Prisma Cloud supports OpenShift 4.2, 4.3, 4.4 and 4.5. ## Azure Red Hat OpenShift Whitelists Prisma Cloud Azure Red Hat OpenShift (ARO) is a managed OpenShift environment that doesn't allow users to run privileged containers. Tools for monitoring and security require the containers/pods to run with privileges to support deep monitoring and security policy enforcement. ![Prisma Cloud is part of the cloud native stack](https://www.paloaltonetworks.com/blog/wp-content/uploads/2020/08/cloud_native_stack.png) However, Red Hat and Microsoft have whitelisted Prisma Cloud, which allows users to run agents on ARO clusters, enabling them to secure container deployments. For more information, refer to the [Azure documentation](https://docs.microsoft.com/en-us/azure/openshift/howto-run-privileged-containers). ## Getting Started with Prisma Cloud and OpenShift Prisma Cloud provides you a secure way to build and deploy containerized applications across any Red Hat OpenShift platforms. To learn more about Prisma Cloud, visit the [product page](https://www.paloaltonetworks.com/prisma/cloud), or start with a [free 30-day trial](https://marketplace.paloaltonetworks.com/s/product-rdl). *** ** * ** *** ## Related Blogs ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown) [#### Prisma Cloud Offers Certified Red Hat Vulnerability Scanning for Red Hat OpenShift](https://www2.paloaltonetworks.com/blog/cloud-security/certified-red-hat-vulnerability-scan-2/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Discover, Protect and Respond with AWS and Prisma Cloud](https://www2.paloaltonetworks.com/blog/2024/11/aws-and-prisma-cloud/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security/?ts=markdown), [Code to Cloud](https://www.paloaltonetworks.com/blog/cloud-security/category/code-to-cloud/?ts=markdown), [Must-Read Articles](https://www.paloaltonetworks.com/blog/security-operations/category/must-read-articles/?ts=markdown), [News and Events](https://www.paloaltonetworks.com/blog/security-operations/category/news-and-events/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) [#### Deloitte Safeguards Software Development Lifecycle](https://www2.paloaltonetworks.com/blog/2023/08/deloitte-safeguards-software-development-lifecycle/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [News \& Events](https://www.paloaltonetworks.com/blog/sase/category/news-events/?ts=markdown), [Partner Integrations](https://www.paloaltonetworks.com/blog/sase/category/partner-integrations/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [SD-WAN](https://www.paloaltonetworks.com/blog/sase/category/sd-wan/?ts=markdown) [#### Orange and Palo Alto Networks Deliver Cloud-Native Managed SASE](https://www2.paloaltonetworks.com/blog/2023/08/orange-and-palo-alto-networks-deliver-cloud-native-managed-sase/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Partners](https://www.paloaltonetworks.com/blog/category/partners/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Commercial Initiatives for Partner Success -- Breakaway 1=5](https://www2.paloaltonetworks.com/blog/2023/02/commercial-initiatives-for-partner-success/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [Cloud Security](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security/?ts=markdown), [Cloud Security Provider](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-security-provider/?ts=markdown), [Cloud Workload Protection Platform](https://www.paloaltonetworks.com/blog/cloud-security/category/cloud-workload-protection-platform/?ts=markdown), [Company \& Culture](https://www.paloaltonetworks.com/blog/category/company-culture/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Cloud Workload Protection Company of the Year](https://www2.paloaltonetworks.com/blog/2022/11/cloud-workload-protection-company-of-the-year/) ### Subscribe to Cloud Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language