SUSE is committed to delivering best effort security to its customers and to the Open Source community. We believe that trust in Open Source Software security in general, and the user's privacy in particular, are both indispensable and indefeasible.
We treat software security as a process that never ends. This means we:
- Promptly react to security incidents and deliver premium quality security updates
- Continuously improve the security-related functionality in SUSE products
- Continuously contribute to the rapidly growing maturity of Open Source Software
- Respect the Open Source Software security principles of openness, transparency and traceability
Software security is a complex challenge. Software can provide many of its own security features, such as authentication methods, encryption, intrusion prevention and detection, and backup.
At the same time, it can also contain errors (both deliberate and accidental) that can affect the system's security, including design flaws, programming errors, and backdoors.
The SUSE Security Team addresses all of these aspects of software security, on an ongoing basis. Software security cannot be thought of as a state you can achieve at a specific point in time. Instead, it is a process that must be executed with professional expertise and continuous development. This persistent focus is what has given Open Source Software, Linux and SUSE such an excellent reputation for security.
SUSE Security Resources
- Security Updates
- Security Overview
- Security Contacts
- SUSE Linux Enterprise Security certificates and features
- SUSE Linux Enterprise Server download verification
- Security updates by CVE number
- Security information in OVAL format
- Security information in CVRF format
- SUSE Linux Enterprise security rating overview
- Flaw Remediation Process
- SUSE Signing Keys
- SUSE Linux Enterprise Server 15 SP2 Hardening Guide
- SUSE Linux Enterprise Server 15 SP2 Security Guide
SUSE Security Announcements
Stay up to date with the latest security fixes, browsable on the web or by subscribing to the security announcement email list sle-security-updates.