Why do people pay Red Hat for a subscription to use our software? Simply put, a Red Hat subscription is more than just support. It includes access to our award-winning Customer Portal, expansive knowledgebase, certification ecosystem, Red Hat Product Security, committed product lifecycles, industry-leading technical and automated support services, and the ability to collaborate with peers and Red Hat experts. The Red Hat subscription provides customers with the guidance and stability needed for mission-critical environments. In addition, it provides security.
All software - no matter the license, provenance, or supply-chain involved - is at risk of having bugs, mistakes in the code which could introduce errors in the way it performs. If an error poses a security risk where an attacker could deliberately cause a program to fail, those are classified as vulnerabilities. While only a small portion of errors are vulnerabilities, the consequences of those errors can be dire.
Red Hat's Product Security team supports more than 100 different products and versions, ranging from our flagship product Red Hat Enterprise Linux and Red Hat JBoss Middleware to our emerging products including Red Hat Enterprise Linux OpenStack Platform, OpenShift, and Red Hat Enterprise Linux Atomic Host. Our products are made up of many different open source components. Red Hat Enterprise Linux 7, for example, is comprised of several thousand different packages and each one can be a separate open source project. Red Hat’s Product Security team is responsible for knowing every component of every Red Hat product. They are responsible for helping find and track issues that could pose a threat to the integrity of the code. With code coming from a variety of open source projects and contributors, this task is no easy feat. I am proud to report that in 2014, across supported versions of Red Hat Enterprise Linux, 97% of critical vulnerabilities had a customer fix the same or next day after they were public.
In addition, we continue to actively monitor the time it takes for vulnerabilities to pass through our workflow of identifying, fixing, and delivering a solution to our customers. While we are constantly striving to identify and remediate critical vulnerabilities, our security value proposition to our customers is more than just quick response time.
For any given Red Hat product, we have a single mechanism for getting updates on security issues across our components and technologies. In addition, products are supported with long lifecycles (for example, Red Hat Enterprise Linux 5, 6 and 7 are supported for 10 years), and generally maintain security updates for open source components even beyond their upstream end of life.
2014 will be remembered for a number of high profile vulnerabilities including Heartbleed, ShellShock, and Poodle. While we provided fast updates to correct these vulnerabilities that affected Red Hat products, getting solutions to customers was only part of the service we provided. When serious issues were found in the UNIX-like shell, Bash, called ShellShock in September 2014, Red Hat customers received timely advice, industry-leading security expertise, access to technical information and support, proactive notifications, Customer Portal alerts and articles, and a Red Hat Access Labs self-detection tool.
We want customers to hear about major security issues that could affect them from us first. We want our customers to have confidence in the knowledge that we are on top of any security situation that may arise and that we are committed to providing specific, timely, calm, and technically accurate advice on how the issues affect our products and services.
While security is only one piece of the Red Hat subscription, it remains an important one.
Learn more:
À propos de l'auteur
Marco Bill-Peter is the senior vice president of Customer Experience and Engagement (CEE) at Red Hat. CEE is responsible for increasing the value customers and partners receive from their relationship with Red Hat. In addition to technical support delivery and strategic customer engagement, Bill-Peter's organization is responsible for the award-winning Red Hat Customer Portal, quality engineering, DevOps, product certifications, product security, product documentation, and translation services.
Parcourir par canal
Automatisation
Les dernières nouveautés en matière d'automatisation informatique pour les technologies, les équipes et les environnements
Intelligence artificielle
Actualité sur les plateformes qui permettent aux clients d'exécuter des charges de travail d'IA sur tout type d'environnement
Cloud hybride ouvert
Découvrez comment créer un avenir flexible grâce au cloud hybride
Sécurité
Les dernières actualités sur la façon dont nous réduisons les risques dans tous les environnements et technologies
Edge computing
Actualité sur les plateformes qui simplifient les opérations en périphérie
Infrastructure
Les dernières nouveautés sur la plateforme Linux d'entreprise leader au monde
Applications
À l’intérieur de nos solutions aux défis d’application les plus difficiles
Programmes originaux
Histoires passionnantes de créateurs et de leaders de technologies d'entreprise
Produits
- Red Hat Enterprise Linux
- Red Hat OpenShift
- Red Hat Ansible Automation Platform
- Services cloud
- Voir tous les produits
Outils
- Formation et certification
- Mon compte
- Assistance client
- Ressources développeurs
- Rechercher un partenaire
- Red Hat Ecosystem Catalog
- Calculateur de valeur Red Hat
- Documentation
Essayer, acheter et vendre
Communication
- Contacter le service commercial
- Contactez notre service clientèle
- Contacter le service de formation
- Réseaux sociaux
À propos de Red Hat
Premier éditeur mondial de solutions Open Source pour les entreprises, nous fournissons des technologies Linux, cloud, de conteneurs et Kubernetes. Nous proposons des solutions stables qui aident les entreprises à jongler avec les divers environnements et plateformes, du cœur du datacenter à la périphérie du réseau.
Sélectionner une langue
Red Hat legal and privacy links
- À propos de Red Hat
- Carrières
- Événements
- Bureaux
- Contacter Red Hat
- Lire le blog Red Hat
- Diversité, équité et inclusion
- Cool Stuff Store
- Red Hat Summit