Red Hat Vulnerability Management Certification
A common source of scanning truth for vulnerabilities
The Red Hat Vulnerability Management Certification is a collaboration with security partners to deliver accurate and reliable container vulnerability scanning results of Red Hat-published images and packages.
A trusted source in Red Hat
Red Hat has created a vulnerability scanning security partner ecosystem for vulnerability assessment that produces consistent results of Red Hat products and packages. Differentiate your product by collaborating with Red Hat.
Building security into applications is critical for cloud-native deployments, and this requires the use of trusted container content. Vulnerability scanning plays an important role in ensuring that container content can be trusted. Detecting and mitigating vulnerabilities proactively safeguards an application by securing its confidentiality, integrity, and availability. This new certification aims to create a common source of scanning truth.
Benefits for partners
Improves security accuracy through a common source of truth for Red Hat produced images
Improved support for mutual end users running certified scanners on subscribed Red Hat environments
Learn
Red Hat Product Security risk report
The Red Hat Product Security risk report is an overview of security vulnerabilities that impacted Red Hat products.
CSAF security advisories and VEX security data
Understand the CSAF-VEX security data and how to consume it.
Backporting security fixes
Backporting takes a fix for a security flaw from the most recent version of an upstream software package and applies it to an older version of the package.
Certify your scanner on Red Hat
In order to meet security and support requirements for enterprise customers, Red Hat partners can take advantage of Red Hat vulnerability management certification and obtain these benefits:
- Ability to differentiate your solutions, deliver value and further help customers adopt hybrid cloud.
- Red Hat’s experience and knowledge as a CVE Numbering Authority (CNA) for Red Hat technologies.
- Better global customer support with Red Hat - utilizing TSANet, improved enterprise support from Red Hat and our partners.
- Improved market awareness - publish your product in the Red Hat Ecosystem Catalog.