Red Hat Satellite integration
For every project asset, Centraleyezer queries your Red Hat Satellite for the host’s installable security errata and imports each erratum as a "Security Update Missing" finding with its CVE, severity and solution — patch debt becomes visible and risk-scored alongside your scanner findings.
Scan types imported
- Installable security errata (missing patches) per RHEL host
API connection
Enter the Satellite base URL and an API-capable account. On every run the platform looks up each project asset by IP on the Satellite, and for hosts with installable security errata imports the security errata list.
Configuration
Where to get the credentials
Use a Satellite user (Administer → Users) with a role that can view hosts and errata. The same credentials can be shared with a linked scanner entry.
What gets imported on every run
- Per host: all security-type errata that are installable, imported as "Security Update Missing" findings.
- CVE reference, erratum summary and solution per finding.
- Red Hat severity scale (Critical / Important / Moderate / Low) drives risk scoring.
How imported findings are risk-scored
Every Red Hat Satellite finding is normalised into Centraleyezer’s risk model on import: the scanner’s native severity scale maps to a configurable DREAD vector (Damage, Reproducibility, Exploitability, Affected users, Discoverability), which combines with asset criticality, network exposure, exploitability intelligence and the platform’s other risk factors to produce one comparable risk score across every scanner you run. CVE, CVSS and CWE metadata are preserved on the finding for reference and reporting, and duplicate findings from repeated imports are automatically correlated instead of creating noise.