Understanding Red Hat Customer Security Awareness program
Red Hat Product Security reviews security vulnerabilities discovered or reported to us that affect projects and packages used by Red Hat products. Occasionally security flaws are recognized to be of great concern, or will generate significant media attention. These issues might be branded (with a name, logo, website), may be actively used in exploits "in the wild", or be a severe problem in core packages or operations of our products.
When these issues are discovered and they require a "High Touch" to ensure that fixes are expedited or that additional materials may need to be created to support the community and users, Red Hat Product Security will enact a process known as the “Customer Security Awareness Workflow” (CSAw). This process alerts key internal stakeholders and helps get required resources allocated to the correction, testing, and distribution of the fixes to our subscribers to solve the vulnerability.
The CSAw process also helps ensure that Red Hat associates are aware of, and can assist in spreading awareness around, the facts of the issue. The goal of the program is not only the speedy delivery of patches, but also to provide clear, accurate information about the real level of risk a particular issue brings, so that when the public is made aware of the problem, the impact can calmly be assessed and thoughtful plans can be executed to mitigate and remediate the issue.
The CSAw program delivers clear documentation around the status of the issue and treatments and diagnostic information through the Vulnerability Response Center on the Red Hat Customer Portal. Here, full details around the vulnerability can be clearly seen, details about severity scoring, and CVE information can be accessed from this one central location. Quick links to security advisories are also provided.
Along with the notifications and patches, Red Hat Product Security will provide mitigations as available, detection scripts that subscribers can download and use within their own environments, and Ansible Playbooks that can be leveraged to discover and oftentimes remediate vulnerabilities.
As the fixes are provided, Red Hat Product Security uses an array of communications channels to provide information in the format readers desire (traditional knowledgebase articles, email alerts, social media alerts, etc.). Red Hat Insights subscribers will be instantly alerted of the issue, the exact scope of where the customer is vulnerable, and will often have remediation options provided for them.