Chapter 2. Glossary

Common terms and definitions for Red Hat’s Trusted Profile Analyzer service.

Exhort
The backend endpoint of Trusted Profile Analyzer to which all API requests are sent to retrieve the data needed for analysis, including package dependencies and vulnerabilities. The Red Hat Dependency Analytics (RHDA) integrated development environment (IDE) plug-in uses this endpoint to generate vulnerability reports within the IDE framework.
Software Bill of Materials
Also known by the acronym SBOM. A manifest of dependent software packages needed for a particular application.
Single Pane of Glass
Also known by the acronym SPOG. The RESTful application programming interface (API) for the Trusted Profile Analyzer web dashboard and notifications.
Vulnerability Exploitability eXchange
Also known by the acronym VEX. A security advisory issued by a software provider for specific vulnerabilities within a product.
Common Vulnerability Exposures
Also known by the acronym CVE. A CVE indicates a product’s exposure to attacks and malicious activities by giving it a score of 1-10, where 1 is the lowest exposure level and 10 is the highest exposure level.
Common Vulnerability Score System
Also known by the acronym CVSS. The CVSS calculates CVE scores according to specific formulas when scoring CVEs across a broad range of products and networks.
© 2024 Red Hat, Inc.