Red Hat Vulnerability Scanner Certification

A single source of scanning truth for vulnerabilities

The Red Hat Vulnerability Scanner Certification is a collaboration with security partners to deliver accurate and reliable container vulnerability scanning results for Red Hat-published images and packages.

A Trusted Source in Red Hat

Red Hat has created an ecosystem of vulnerability scanning security partners whose vulnerability assessments produce consistent results for Red Hat products and packages. Differentiate your product by collaborating with Red Hat.

  • This certification is offered at no cost to Red Hat Partner Connect members

Why does Red Hat Vulnerability Scanner Certification matter?

Building security into applications is critical for cloud-native deployments, and this requires the use of trusted container content. Vulnerability scanning plays an important role in ensuring that container content can be trusted. Detecting and mitigating vulnerabilities proactively safeguards an application by securing its confidentiality, integrity, and availability. This new certification aims to create a single source of scanning truth.

Security Scanning Exchange

The Security Scanning Exchange is a special interest group created by the Red Hat Product Security team. This interest group brings Red Hat security partners together to collaborate on security scanning best practices that benefit our mutual customers. The group regularly reviews the availability and utilization of scanning artifacts such as epoch values, OVAL (Open Vulnerability and Assessment Language) files, APIs, webpages, and overall metadata. Technical enablement sessions regarding a particular scanning artifact, product, or technology are also a key part of these meetings.

Members of the Security Scanning Exchange

AquaSec

Palo Alto

Red Hat (StackRox)

Snyk 

Sysdig

  • Completing Red Hat Vulnerability Scanner Certification is a prerequisite to becoming a member of the Security Scanning Exchange

Red Hat Product Security risk report

The Red Hat® Product Security risk report is an overview of security vulnerabilities that impacted Red Hat products. The report reviewed large and small security vulnerabilities that were publicly announced throughout the year, as well as the data and metrics that were produced for these vulnerabilities across all of our solutions. The report also reviewed several high-impact, high-profile security vulnerabilities.