Red Hat Insights, which is included with Red Hat subscriptions, analyzes platforms and applications to help enterprises manage hybrid cloud environments. Insights uses predictive analytics and deep domain expertise to reduce complex operational tasks from hours to minutes, including identifying security and performance risks, tracking licenses and managing costs.
Introducing visibility of CVE exposures via Insights for OpenShift
Vulnerability capabilities for Red Hat Insights for Red Hat OpenShift are now available and complement Red Hat’s existing cluster security portfolio while giving OpenShift users more value for their Red Hat subscription.
The Vulnerability service for OpenShift is a monitoring and vulnerability assessment tool that provides data on the presence of Common Vulnerabilities and Exposures (CVEs) for Red Hat OpenShift components. This information is collected at the build time from the data within Red Hat’s CVE Database. This service provides the following analysis in its initial release:
The list of OpenShift clusters that are affected by CVEs, with detailed views to enable triaging and prioritization of critical issues.
The ability to trigger off of specific CVEs and determine which clusters are affected so you can focus on the most critical aspects of remediating vulnerabilities present in your environment.
Please note this service provides analysis for Red Hat OpenShift Container Platform 4.8+ and above. The analysis is provided for the infrastructure and images within Red Hat's Ecosystem catalog, not the workloads that are running within OCP. Red Hat Advanced Cluster Security for Kubernetes provides rich functionality to discover, monitor and mitigate threats and enforce security policies within your Kubernetes environment. Among its many features, the Red Hat Advanced Cluster Security for Kubernetes scanner discovers vulnerabilities and misconfigurations in container images and allows you to define policies for vulnerability management that can be applied at build, deploy and runtime.
Filter by CVEs that pose the most significant risk for your infrastructure
The main page of the Vulnerability service is the CVEs page (Figure 1). This page lists all the known CVEs that affect your available clusters. Each CVE has its own respective Red Hat Severity or Common Vulnerability Scoring System (CVSS) base score. By default, the results display those for CVEs that affect one or more of your clusters. The filtering options allow you to filter and triage based on criticality and severity so you can focus on the vulnerabilities that are the most important to you and your organization. Clicking on any particular CVE shows you the details of the clusters that are affected.
Figure 1: The CVEs page within the Insights Vulnerability for OpenShift service
Filter by clusters that are the most affected by CVEs
The alternative and secondary view of the Vulnerability service is the Clusters page (Figure 2). This page lists all the clusters in your environment that are registered with Insights and shows the severity of CVEs that may be affecting them. The filtering options available allow users to filter and triage the clusters based on the criticality and severity of the CVEs so you can focus on the clusters that are most heavily affected.
Figure 2: The Clusters page within the Insights Vulnerability for OpenShift service
Give it a try
Like the other Insights services, this service is included in your OpenShift subscription. To analyze your Red Hat Insights clusters for potential CVEs, follow our getting started guide or read through how the Insights operator works with the remote health monitoring feature of OpenShift. You can view the results by clicking here.
You can send feedback about the new Insights Vulnerability service for OpenShift by using the purple feedback link inside of Insights—you can see it in the above screenshot on the right hand side of the page.
執筆者紹介
Mohit Goyal is a Senior Principal Product Manager for Red Hat Insights. Mohit brings a wealth of experience and skills in enterprise software having held roles as a software engineer, project manager, and as a product manager across software and travel industries. Goyal has a bachelor's degree in Computer Science from the Institute of Technology, University of Minnesota and a MBA from the Carlson School of Management, University of Minnesota. With his technical skills and business acumen, he helps build products to address problems faced by enterprises, with a focus on security, user experience, and cloud computing. When he's not writing user requirements, engaging with customers, or building product roadmaps, Mohit can be found running, cooking, or reading.
John Spinks is a Senior Principal Technical Marketing Manager for Red Hat. He acts as a subject matter expert for Red Hat Management products including Satellite and Insights. Previous experience includes almost 10 years as a Technical Marketing Engineer for NetApp in RTP, NC.
チャンネル別に見る
自動化
テクノロジー、チームおよび環境に関する IT 自動化の最新情報
AI (人工知能)
お客様が AI ワークロードをどこでも自由に実行することを可能にするプラットフォームについてのアップデート
オープン・ハイブリッドクラウド
ハイブリッドクラウドで柔軟に未来を築く方法をご確認ください。
セキュリティ
環境やテクノロジー全体に及ぶリスクを軽減する方法に関する最新情報
エッジコンピューティング
エッジでの運用を単純化するプラットフォームのアップデート
インフラストラクチャ
世界有数のエンタープライズ向け Linux プラットフォームの最新情報
アプリケーション
アプリケーションの最も困難な課題に対する Red Hat ソリューションの詳細
オリジナル番組
エンタープライズ向けテクノロジーのメーカーやリーダーによるストーリー
製品
ツール
試用、購入、販売
コミュニケーション
Red Hat について
エンタープライズ・オープンソース・ソリューションのプロバイダーとして世界をリードする Red Hat は、Linux、クラウド、コンテナ、Kubernetes などのテクノロジーを提供しています。Red Hat は強化されたソリューションを提供し、コアデータセンターからネットワークエッジまで、企業が複数のプラットフォームおよび環境間で容易に運用できるようにしています。
言語を選択してください
Red Hat legal and privacy links
- Red Hat について
- 採用情報
- イベント
- 各国のオフィス
- Red Hat へのお問い合わせ
- Red Hat ブログ
- ダイバーシティ、エクイティ、およびインクルージョン
- Cool Stuff Store
- Red Hat Summit