订阅内容

Each year, Red Hat Product Security reflects back and reviews the vulnerabilities that impacted our products. We’ve shared the results of this analysis in our annual Red Hat Product Security Risk report.  

Looking back, 2018 was a busy year in the field of incident response and vulnerability management. Many high-profile issues were discovered that had broad-reaching impacts to operations in all sectors, from traditional data-centers all the way out to the edges of the cloud. Customers potentially affected by  issues with kernels, Kubernetes and others looked to Red Hat to help understand the potential to impact their operations.

Our annual risk report provides context for these security-related flaws, informs you how/if our products were affected by major vulnerabilities over the past year, and elaborates on our methodology for identifying potential impact on our customers. Our philosophy of providing clear advice and analysis along with our security errata has continued as we have faced an increased number of new exploits and vulnerabilities across the open source spectrum.  It is about managing risks versus letting risks manage you.

This year we reviewed:

  • Security response metrics.
  • Specific vulnerabilities.
  • The most common ways Red Hat users were affected by security vulnerabilities.

Among our findings from 2018:

  • Across the Red Hat portfolio, we issued 111 Critical advisories addressing 57 Critical vulnerabilities. (An overall increase over the last several years of reporting.)
  • 80% of Critical issues were addressed within one week.
  • 2894 issues were reported to Product Security; of those only 430 (14.8%) were embargoed for some period of time.
  • A catchy name or a flashy headline for a vulnerability doesn't tell much about its risk. Red Hat Product Security helps customers determine the actual vulnerability impact. Like previous years, the majority of issues that mattered were not branded.

Learn more about the flaws that made an impact in 2018 by reading the full report.


关于作者

Christopher Robinson, better known as CRob to his colleagues, is a former Product Security Program Architect at Red Hat.

Read full bio
UI_Icon-Red_Hat-Close-A-Black-RGB

按频道浏览

automation icon

自动化

有关技术、团队和环境 IT 自动化的最新信息

AI icon

人工智能

平台更新使客户可以在任何地方运行人工智能工作负载

open hybrid cloud icon

开放混合云

了解我们如何利用混合云构建更灵活的未来

security icon

安全防护

有关我们如何跨环境和技术减少风险的最新信息

edge icon

边缘计算

简化边缘运维的平台更新

Infrastructure icon

基础架构

全球领先企业 Linux 平台的最新动态

application development icon

应用领域

我们针对最严峻的应用挑战的解决方案

Original series icon

原创节目

关于企业技术领域的创客和领导者们有趣的故事