Red Hat Vulnerability Management Certification

A common source of scanning truth for vulnerabilities

The Red Hat Vulnerability Management Certification is a collaboration with security partners to deliver accurate and reliable container vulnerability scanning results of Red Hat-published images and packages.

A trusted source in Red Hat

Red Hat has created a vulnerability scanning security partner ecosystem for vulnerability assessment that produces consistent results of Red Hat products and packages. Differentiate your product by collaborating with Red Hat.

Building security into applications is critical for cloud-native deployments, and this requires the use of trusted container content. Vulnerability scanning plays an important role in ensuring that container content can be trusted. Detecting and mitigating vulnerabilities proactively safeguards an application by securing its confidentiality, integrity, and availability. This new certification aims to create a common source of scanning truth.

shield and cloud hover over a teal circle

Benefits for partners

Improves security accuracy through a common source of truth for Red Hat produced images

Improved support for mutual end users running certified scanners on subscribed Red Hat environments

Learn

Cover of An Open Approach to Vulnerability Management report

Red Hat Product Security risk report

The Red Hat Product Security risk report is an overview of security vulnerabilities that impacted Red Hat products.

browser screen for the CSAF security advisories and VEX security data

CSAF security advisories and VEX security data

Understand the CSAF-VEX security data and how to consume it.

browser screen for the Backporting security fixes page

Backporting security fixes

Backporting takes a fix for a security flaw from the most recent version of an upstream software package and applies it to an older version of the package.

Certify your scanner on Red Hat

In order to meet security and support requirements for enterprise customers, Red Hat partners can take advantage of Red Hat vulnerability management certification and obtain these benefits: 

  • Ability to differentiate your solutions, deliver value and further help customers adopt hybrid cloud.
  • Red Hat’s experience and knowledge as a CVE Numbering Authority (CNA) for Red Hat technologies.
  • Better global customer support with Red Hat - utilizing TSANet, improved enterprise support from Red Hat and our partners.
  • Improved market awareness - publish your product in the Red Hat Ecosystem Catalog.
code window hovers over a shield