Security is at the top of mind for our customers, and understanding the language and practices around security is vital for teams delivering applications and managing infrastructure. Understanding how Red Hat reports and evaluates security vulnerabilities — as well as the tools Red Hat uses to communicate and address vulnerabilities — goes a long way towards protecting your IT environment.
In addition, learning why Red Hat utilizes an open methodology to vulnerability management is equally important. Red Hat doesn’t just produce enterprise open source software; from start to finish we do so with transparency and accountability. We believe this is critical for customers and communities to fully understand the vulnerabilities that may impact them, as well as provide the data necessary to make appropriate, informed decisions.
You'll find a great deal of information on vulnerabilities that affect open source software that makes up Red Hat's products, but what we provide often differs from the upstream software. Since vulnerability analysis on upstream software may not apply to the products you use today, we provide authoritative information about our products that can help inform your practices and response.
We communicate about our policies and practices frequently, through posts on the Red Hat Blog, through advisories and in articles on the Red Hat Customer Portal, sessions at Red Hat Summit and more.
Bringing it all together
We'll continue to write and speak about these topics, but we wanted to give our customers and communities a single document as a convenient reference to better understand how we categorize, address and respond to security vulnerabilities.
In "An Open Approach to Vulnerability Management" you can learn:
-
How Red Hat reports and evaluates vulnerabilities using Common Vulnerabilities and Exposures (CVE), Common Weakness Enumeration (CWE), and the Common Vulnerability Scoring System (CVSS) standards.
-
How our Severity Ratings system works and when a vulnerability poses a severe and immediate threat to your environment and when a vulnerability is unlikely to impact your environment.
-
How Red Hat's product support life cycle informs our response to security issues.
-
How Red Hat uses backporting and rebasing to address vulnerabilities.
-
What content signing is, and how to use it to verify software is from Red Hat, and untampered with.
Grab An Open Approach to Vulnerability Management today
There's plenty more to learn about Red Hat’s methodology of understanding and addressing security vulnerabilities. Get your copy of An Open Approach to Vulnerability Managements today and be sure to follow the Security channel here on the Red Hat Blog.
저자 소개
Red Hat Product Security provides the guidance, stability and security needed to confidently deploy enterprise solutions.
유사한 검색 결과
채널별 검색
오토메이션
기술, 팀, 인프라를 위한 IT 자동화 최신 동향
인공지능
고객이 어디서나 AI 워크로드를 실행할 수 있도록 지원하는 플랫폼 업데이트
오픈 하이브리드 클라우드
하이브리드 클라우드로 더욱 유연한 미래를 구축하는 방법을 알아보세요
보안
환경과 기술 전반에 걸쳐 리스크를 감소하는 방법에 대한 최신 정보
엣지 컴퓨팅
엣지에서의 운영을 단순화하는 플랫폼 업데이트
인프라
세계적으로 인정받은 기업용 Linux 플랫폼에 대한 최신 정보
애플리케이션
복잡한 애플리케이션에 대한 솔루션 더 보기
오리지널 쇼
엔터프라이즈 기술 분야의 제작자와 리더가 전하는 흥미로운 스토리
제품
- Red Hat Enterprise Linux
- Red Hat OpenShift Enterprise
- Red Hat Ansible Automation Platform
- 클라우드 서비스
- 모든 제품 보기
툴
체험, 구매 & 영업
커뮤니케이션
Red Hat 소개
Red Hat은 Linux, 클라우드, 컨테이너, 쿠버네티스 등을 포함한 글로벌 엔터프라이즈 오픈소스 솔루션 공급업체입니다. Red Hat은 코어 데이터센터에서 네트워크 엣지에 이르기까지 다양한 플랫폼과 환경에서 기업의 업무 편의성을 높여 주는 강화된 기능의 솔루션을 제공합니다.