Security is at the top of mind for our customers, and understanding the language and practices around security is vital for teams delivering applications and managing infrastructure. Understanding how Red Hat reports and evaluates security vulnerabilities — as well as the tools Red Hat uses to communicate and address vulnerabilities — goes a long way towards protecting your IT environment.
In addition, learning why Red Hat utilizes an open methodology to vulnerability management is equally important. Red Hat doesn’t just produce enterprise open source software; from start to finish we do so with transparency and accountability. We believe this is critical for customers and communities to fully understand the vulnerabilities that may impact them, as well as provide the data necessary to make appropriate, informed decisions.
You'll find a great deal of information on vulnerabilities that affect open source software that makes up Red Hat's products, but what we provide often differs from the upstream software. Since vulnerability analysis on upstream software may not apply to the products you use today, we provide authoritative information about our products that can help inform your practices and response.
We communicate about our policies and practices frequently, through posts on the Red Hat Blog, through advisories and in articles on the Red Hat Customer Portal, sessions at Red Hat Summit and more.
Bringing it all together
We'll continue to write and speak about these topics, but we wanted to give our customers and communities a single document as a convenient reference to better understand how we categorize, address and respond to security vulnerabilities.
In "An Open Approach to Vulnerability Management" you can learn:
-
How Red Hat reports and evaluates vulnerabilities using Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and the Common Vulnerability Scoring System (CVSS) standards.
-
How our Severity Ratings system works and when a vulnerability poses a severe and immediate threat to your environment and when a vulnerability is unlikely to impact your environment.
-
How Red Hat's product support life cycle informs our response to security issues.
-
How Red Hat uses backporting and rebasing to address vulnerabilities.
-
What content signing is, and how to use it to verify software is from Red Hat, and untampered with.
Grab An Open Approach to Vulnerability Management today
There's plenty more to learn about Red Hat’s methodology of understanding and addressing security vulnerabilities. Get your copy of An Open Approach to Vulnerability Managements today and be sure to follow the Security channel here on the Red Hat Blog.
Sobre el autor
Red Hat Product Security provides the guidance, stability and security needed to confidently deploy enterprise solutions.
Más similar
Navegar por canal
Automatización
Las últimas novedades en la automatización de la TI para los equipos, la tecnología y los entornos
Inteligencia artificial
Descubra las actualizaciones en las plataformas que permiten a los clientes ejecutar cargas de trabajo de inteligecia artificial en cualquier lugar
Nube híbrida abierta
Vea como construimos un futuro flexible con la nube híbrida
Seguridad
Vea las últimas novedades sobre cómo reducimos los riesgos en entornos y tecnologías
Edge computing
Conozca las actualizaciones en las plataformas que simplifican las operaciones en el edge
Infraestructura
Vea las últimas novedades sobre la plataforma Linux empresarial líder en el mundo
Aplicaciones
Conozca nuestras soluciones para abordar los desafíos más complejos de las aplicaciones
Programas originales
Vea historias divertidas de creadores y líderes en tecnología empresarial
Productos
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Servicios de nube
- Ver todos los productos
Herramientas
- Training y Certificación
- Mi cuenta
- Soporte al cliente
- Recursos para desarrolladores
- Busque un partner
- Red Hat Ecosystem Catalog
- Calculador de valor Red Hat
- Documentación
Realice pruebas, compras y ventas
Comunicarse
- Comuníquese con la oficina de ventas
- Comuníquese con el servicio al cliente
- Comuníquese con Red Hat Training
- Redes sociales
Acerca de Red Hat
Somos el proveedor líder a nivel mundial de soluciones empresariales de código abierto, incluyendo Linux, cloud, contenedores y Kubernetes. Ofrecemos soluciones reforzadas, las cuales permiten que las empresas trabajen en distintas plataformas y entornos con facilidad, desde el centro de datos principal hasta el extremo de la red.
Seleccionar idioma
Red Hat legal and privacy links
- Acerca de Red Hat
- Oportunidades de empleo
- Eventos
- Sedes
- Póngase en contacto con Red Hat
- Blog de Red Hat
- Diversidad, igualdad e inclusión
- Cool Stuff Store
- Red Hat Summit