Understanding the Red Hat Solution Integration
Summarize
Summary of Understanding the Red Hat Solution Integration Vulnerability Response
The Red Hat Solution Integration within the Vulnerability Response application enables customers to review and implement remediation solutions for security vulnerabilities affecting Red Hat products. It is part of the Vulnerability Solution Management feature, which requires a separate subscription. The integration facilitates the management of security risks by importing solution information directly from Red Hat.
Show less
Key Features
- CSAF Format Support: Starting from version 21.0 of Vulnerability Response, solutions are transmitted in the Common Security Advisory Framework (CSAF) format, requiring a new parser for proper interpretation.
- Integration Script: The integration allows for the construction of scripts to handle incoming payloads, where the user specifies whether to expect CSAF or CVRF formats.
- Automated Scheduled Jobs: Red Hat Solution Integration runs scheduled jobs to synchronize vulnerability management systems automatically, while also allowing for manual execution.
- User Configuration: Integration records have a default run-as user (VR.System), which should not be changed.
- Role Management: The integration tasks require specific roles (snvul.configurerhsaintegration) to manage user permissions effectively.
Key Outcomes
By utilizing the Red Hat Solution Integration, customers can expect streamlined vulnerability remediation processes, enhanced synchronization with other systems, and improved management of security vulnerabilities within their Red Hat environments. For further assistance with installation and configuration, refer to the relevant setup documentation and ensure compatibility with the latest versions of the Vulnerability Response application.
You can review and implement proposed remediation solutions provided by the Red Hat Solution Integration in the Vulnerability Response application.
Red Hat Solution Integration is included in the Vulnerability Solution Management feature of Vulnerability Response, available by separate subscription. See Vulnerability Solution Management for more information on how Vulnerability Response incorporates solutions.
Red Hat Solution Integration investigates reports of security vulnerabilities affecting Red Hat products and services, and provides solution information to help manage security risks. Solutions known as remediations are imported into your Red Hat Solution Integration from Red Hat.
/** « This function serves to construct the integration script.
* The integration process record (integrationProcessGr) is provided in the event
* The function should return the newly constructed script. */
(function(integrationProcessGr){
// Add any logic here to construct your integration script as necessary.
// Pass true if CSAF payload is expected. Pass false if CVRF payload is expected
return new sn_vul.RedHatSolutionIntegration(true);
})(integrationProcessGr);
/** « This function serves to construct the integration script.
* The integration process record (integrationProcessGr) is provided in the event
* The function should return the newly constructed script. */
(function(integrationProcessGr){
// Add any logic here to construct your integration script as necessary.
// Pass true if CSAF payload is expected. Pass false if CVRF payload is expected
return new sn_vul.RedHatSolutionIntegration(false);
})(integrationProcessGr);
Red Hat Solution Integration contains entry points to the Red Hat product, invoked as a scheduled job. The scheduled job simplifies the vulnerability remediation life cycle by keeping the instance synchronized with other vulnerability management systems. It runs automatically. You can also execute the scheduled job manually.
There is a configured run-as user for each integration record. The default value for this user is VR.System. Do not change this value.
Available versions
For the most current version of Vulnerability Solution Management and Red Hat solutions, verify you have the most current version of Vulnerability Response installed.
For more information about installing and configuring Vulnerability Solution Management and solution integrations, see Install the Solution Management for Vulnerability Response application and Configure installed solution integrations for Vulnerability Solution Management using Setup Assistant.
| Release version of Vulnerability Response | Version of Vulnerability Solution Management | Release Notes |
|---|---|---|
Vulnerability Response v15.0 |
v10.3 |
For compatibility information, see KB0856498 Vulnerability Response Compatibility Matrix and Release Schema Changes |
Roles
Red Hat Solution Integration tasks involve the following role: sn_vul.configure_rhsa_integration
Persona and granular roles are available to help you manage what users and groups can see and do in the Vulnerability Response application. For an initial assignment of the persona roles in Setup Assistant, see Assign the Vulnerability Response persona roles using Setup Assistant. For more information about managing granular roles, see Manage persona and granular roles for Vulnerability Response.
Red Hat Solution Integration
To view the Red Hat Solution Integration, navigate to .
The following integration is included in the base system.
| Integration | Description |
|---|---|
| Red Hat Solution Integration | Retrieves solutions and National Vulnerability Database (NVD) mapping to associate solutions with vulnerabilities, vulnerable items, and remediation tasks. |
Solutions
To view imported solutions in a list, see View a solution.