Chapter 4. Conducting vulnerability scanning and verification
After your certification case is created, you must complete the vulnerability scanning and verification phase.
Prerequisites
- Establish a certification relationship with Red Hat.
- Ensure your security product is ready to scan container images.
- Confirm access to the Red Hat Container Registry.
Procedure
- Pull the required certification test-harness container images from the Red Hat Container Registry.
Use the following certification test-harness images for vulnerability scanning. You are encouraged to use the latest supported versions of these images as listed in the Red Hat Container Catalog.
Image 1:
Image 2:
Note: Certification criteria are defined by Red Hat Product Security and Red Hat Partner Connect teams.
- Verify that the pulled images match the specified digests to ensure you are using the correct certified versions.
- Scan the test-harness images using the partner security product, without modifying or adjusting the scan output manually.
- Generate a vulnerability scan report in a machine-readable format, preferably CSV. The report must reflect actual product behavior and include all vulnerabilities and related component metadata.
  Ensure the report includes the following information for each identified vulnerability:
  - CVE identifier
  - Red Hat package name and version (with backport fix information, if applicable)
  - Red Hat security impact rating (Critical, Important, Moderate, Low)
  - Red Hat state (Fixed, Affected, or Not-Affected) and RHSA reference with URL if fixed
- Submit the complete vulnerability scan report to the Red Hat certification team through your Certification case.
- The Red Hat certification team will review the submitted results to ensure they meet baseline accuracy and formatting requirements. The review process may take between two and six weeks from the date of submission.
- After successful verification, Red Hat grants certification for your scanner product.
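
One way to pre-check a CSV report against the per-vulnerability fields listed in the procedure before submitting it, as an added example that is not Red Hat tooling. The column names and the sample rows are assumptions constructed for illustration, because the page names the required information but does not define a header layout.

```python
import csv
import io
import re

# Assumed header names: the page lists the required fields, not a CSV schema.
REQUIRED = ["cve", "package", "version", "impact", "state", "rhsa", "rhsa_url"]
IMPACTS = {"Critical", "Important", "Moderate", "Low"}
STATES = {"Fixed", "Affected", "Not-Affected"}
CVE_RE = re.compile(r"CVE-\d{4}-\d{4,}")
RHSA_RE = re.compile(r"RHSA-\d{4}:\d{4,}")

# Constructed sample report; every identifier and version below is made up.
SAMPLE = """\
cve,package,version,impact,state,rhsa,rhsa_url
CVE-2099-0001,openssl,3.0.7-27.el9,Important,Fixed,RHSA-2099:0001,https://access.redhat.com/errata/RHSA-2099:0001
CVE-2099-0002,glibc,2.34-100.el9,High,Affected,,
CVE-2099-0003,curl,7.76.1-29.el9,Moderate,Fixed,,
cve-2099-4,zlib,,Low,Not-Affected,,
"""


def validate_report(text):
    """Return (line_number, message) tuples for rows that break the field rules."""
    reader = csv.DictReader(io.StringIO(text))
    missing = [c for c in REQUIRED if c not in (reader.fieldnames or [])]
    if missing:
        return [(1, "missing columns: " + ", ".join(missing))]
    problems = []
    for row in reader:
        # Short rows yield None for absent cells; normalise to empty strings.
        rec = {c: (row.get(c) or "").strip() for c in REQUIRED}
        checks = [
            (CVE_RE.fullmatch(rec["cve"]), "malformed CVE identifier"),
            (rec["package"] and rec["version"], "package name and version required"),
            (rec["impact"] in IMPACTS, "impact is not a Red Hat rating"),
            (rec["state"] in STATES, "unknown Red Hat state"),
        ]
        # A Fixed entry must carry both the RHSA reference and its URL.
        if rec["state"] == "Fixed":
            checks.append((RHSA_RE.fullmatch(rec["rhsa"]), "Fixed without RHSA reference"))
            checks.append((rec["rhsa_url"].startswith("https://"), "Fixed without RHSA URL"))
        problems += [(reader.line_num, msg) for ok, msg in checks if not ok]
    return problems


if __name__ == "__main__":
    for line, msg in validate_report(SAMPLE):
        print(f"line {line}: {msg}")
```

The check only reports problems; it never rewrites rows, so the submitted file still reflects the scanner's unmodified output.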