Maintaining security is an ongoing challenge. As infrastructure changes, your security design must
be re-evaluated to keep up with the change. Challenges include keeping your systems aligned with the latest security
standards, adopting new technologies without compromising security, and ensuring compatibility between an ongoing stream of updates and your existing infrastructure.
Red Hat Enterprise Linux includes a robust set of security and compliance features, as well as automated security management at scale, government and industry standard certifications, and security fixes and patches that are issued quickly when vulnerabilities are discovered. Red Hat Enterprise
Linux simplifies compliance management with an ongoing stream of information about common vulnerabilities and exposures (CVE) patches, changes, etc., that is not available with CentOS Linux.
Red Hat Enterprise Linux is the foundation across the Red Hat portfolio for security certifications, including Federal Information Processing Standards (FIPS) 140-2, Common Criteria (CC), and Secure Technical Implementation Guidelines (STIG). Historically, CentOS Linux security patches have been delayed as they collect six weeks or more of Red Hat Enterprise Linux hotfixes before releasing a patch.