Red Hat plussed its Kubernetes-based OpenShift Platform with new security and management features that boost the platform’s position as the hybrid-cloud alternative to cloud-specific offerings from the market’s cloud giants. The vendor is positioning the move as a further bolstering of OpenShift’s position as the cloud-neutral platform of choice.

The newly christened OpenShift Platform Plus gains Red Hat’s Advanced Security for Kubernetes feature, its Advanced Cluster Management for Kubernetes capabilities, and Red Hat’s Quay automated container image registry. It combines those into a package that provides a more fully featured platform for customers that work through the self-managed OpenShift product.

The security update comes from integration of Red Hat’s acquisition of StackRox earlier this year. StackRox developed a Kubernetes-native security platform for cloud-native applications, containers, serverless, and Kubernetes targeted at DevOps and security teams.

Those capabilities are now tied into OpenShift Platform Plus to help secure software supply chains, infrastructure, and workloads. It provides system-level data collection and analysis and can apply more than 60 security policies out-of-the-box that can be enforced from the time that applications are built through to when they are deployed and running in a commercial environment.

Brian Gracely, senior product manager at Red Hat, noted in an interview that StackRox “learned over the last five years that it’s really hard to adapt technology that didn’t start as native like containers or Kubernetes technology.”

“We knew that any sort of adaptation we made or integration we made with them wasn't going to go through big lifecycles and having to change it and fix it and so between expanding out where we could help customers, knowing that they already were aligned to our open hybrid cloud story, and having worked with them as a native Kubernetes engine are really the big things that customers are going to like,” Gracely said.

Stuart Miniman, director of market insights and cloud platforms at Red Hat, added that the security service itself also remains available as an add-on to other OpenShift products.

This security posture is also bolstered by the cluster management feature that allows users to apply consistent operational policies for security, configuration, compliance, and governance to multi-cluster Kubernetes environments across on-premises and cloud infrastructures.

The deeper Quay integration also plays into that security move by providing a more consistent framework and validates build pipeline across different underlying infrastructures. Quay also came to Red Hat via an acquisition when it bought CoreOS for $250 million in 2018.

In the OpenShift self-managed realm, Platform Plus sits above and is based on the OpenShift Container Platform as well as sitting above the more basic OpenShift Container Engine product. Red Hat also continues to offer its managed cloud products that are jointly offered with the large cloud providers like the Azure Red Hat OpenShift and the Red Hat OpenShift on Amazon Web Services (AWS) product.

The enhanced platform also positions Red Hat to better compete against those larger cloud players in the hybrid cloud world that it also partners with. This includes more robust cloud-specific offerings like Microsoft Azure Arc, AWS Outposts, and Google Anthos.

“When they get out of their own cloud the world is the unknown for them because they've always lived in one cloud, they've had one operating model,” Gracely said. “They're now trying to go on premise with people and they are like ‘but we'd like you to look exactly like our cloud’ and customers are like ‘it doesn't work that way.’”

As for future expansion, Miniman explained that the new platform is positioned as the halo product of Red Hat’s self-managed OpenShift offerings and will be the basis for more updates going forward. And he also cited parent company IBM’s own recent comments about possible acquisitions.

“This will be the vehicle going forward that, for example, if there is another acquisition like a StackRox down the road that it would make sense to bring into this platform, we would totally do that,” Miniman said.