Red{nbsp}Hat scans for vulnerabilities in our products during the build process and our dedicated Product Security team tracks and assesses newly-discovered vulnerabilities. Red{nbsp}Hat Information Security regularly scans running environments for vulnerabilities.
Qualified critical and important Security Advisories (RHSAs) and urgent and selected high priority Bug Fix Advisories (RHBAs) are released as they become available. All other available fix and qualified patches are released via periodic updates. All {product-title-managed-short} software impacted by critical or important severity flaws are updated as soon as the fix is available. For more information about remediation of critical or high-priority issues, see link:https://access.redhat.com/articles/2968471[Understanding Red{nbsp}Hat's Product Security Incident Response Plan].
[id="security-audits_{context}"]
=== Security exams and audits
{product-title-managed-short} does not currently hold any external security certifications or attestations.
The Red{nbsp}Hat Information Risk and Security Team has achieved ISO 27001:2013 certification for our Information Security Management System (ISMS).
[id="system-interop_{context}"]
=== Systems interoperability security
{product-title-managed-short} supports integrations with registries, CI systems, notification systems, workflow systems like ServiceNow and Jira, and Security information and event management (SIEM) platforms. For more information about supported integrations, see the xref:../integration/integrate-with-image-registries.adoc#integrate-with-image-registries[Integrating] documentation.
Custom integrations can be implemented using the API or generic webhooks.
{product-title-managed-short} uses certificate-based architecture (mTLS) for both authentication and end-to-end encryption of all inflight traffic between the customer's site and Red{nbsp}Hat. It does not require a VPN. IP allowlists are not supported. Data transfer is encrypted using mTLS. File transfer, including Secure FTP, is not supported.
[id="malicious-code-prevention_{context}"]
=== Malicious code prevention
{product-title-managed-short} is deployed on {op-system-first}. The user space in {op-system} is read-only. In addition, all {product-title-managed-short} instances are monitored in runtime by {product-title-short}.
Red{nbsp}Hat uses a commercially-available, enterprise-grade anti-virus solution for Windows and Mac platforms, which is centrally managed and logged. Anti-virus solutions on Linux-based platforms are not part of Red{nbsp}Hat's strategy, as they can introduce additional vulnerabilities. Instead, we harden and rely on the built-in tooling (for example, SELinux) to protect the platform.
Red{nbsp}Hat uses SentinelOne and osquery for individual endpoint security, with updates made as they are available from the vendor.
All third-party JavaScript libraries are downloaded and included in build images which are scanned for vulnerabilities before being published.
[id="sdlc-security_{context}"]
=== Systems development lifecycle security
@@ -71,27 +39,6 @@ Applications are scanned regularly and the container scan results of the product
As part of Red{nbsp}Hat's policy, a support policy and maintenance plan is issued for any third-party components we depend on that go to end-of-life.
[id="sbom_{context}"]
=== Software Bill of Materials
Red{nbsp}Hat has published software bill of materials (SBOMs) files for core Red{nbsp}Hat offerings. An SBOM is a machine-readable, comprehensive inventory (manifest) of software components and dependencies with license and provenance information. SBOM files help establish reviews for procurement and audits of what is in a set of software applications and libraries. Combined with Vulnerability Exploitability eXchange (VEX), SBOMs help an organization address its vulnerability risk assessment process. Together they provide information on where a potential risk might exist (where the vulnerable artifact is included and the correlation between this artifact and components or the product), and its current status to known vulnerabilities or exploits.
Red{nbsp}Hat, together with other vendors, is working to define the specific requirements for publishing useful SBOMs that can be correlated with Common Security Advisory Framework (CSAF)-VEX files, and inform consumers and partners about how to use this data. For now, SBOM files published by Red{nbsp}Hat, including SBOMs for {product-title-managed-short}, are considered to be beta versions for customer testing and are available at link:https://access.redhat.com/security/data/sbom/beta/spdx/[https://access.redhat.com/security/data/sbom/beta/spdx/].
For more detail on Red{nbsp}Hat's Security data, see link:https://www.redhat.com/en/blog/future-red-hat-security-data[The future of Red{nbsp}Hat security data].
[id="data-centers-providers_{context}"]
=== Data centers and providers
The following third-party providers are used by Red{nbsp}Hat in providing subscription support services:
* Flexential hosts the Raleigh Data Center, which is the primary data center used to support the Red{nbsp}Hat Customer Portal databases.
* Digital Realty hosts the Phoenix Data Center, which is the secondary backup data center supporting the Red{nbsp}Hat Customer Portal databases.
* Salesforce provides the engine behind the customer ticketing system.
* AWS is used to augment data center infrastructure capacity, some of which is used to support the Red{nbsp}Hat Customer Portal application.
* Akamai is used to host the Web Application Firewall and provide DDoS protection.
* Iron Mountain is used to handle the destruction of sensitive material.
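Review bot: the same dangling-xref check applies to the sbom_{context} and data-centers-providers_{context} anchors deleted here. The SBOM section being removed is also the only place on the page that gives the SBOM download location (https://access.redhat.com/security/data/sbom/beta/spdx/) together with the caveat that those files, including the ones for {product-title-managed-short}, are beta versions for customer testing, plus the link to "The future of Red Hat security data" that explains how SBOMs correlate with CSAF-VEX; if this content is being retired rather than moved, consider keeping a one-line pointer under "Systems development lifecycle security" so the beta caveat is not separated from the link when SBOM guidance resurfaces.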