Date Published: July 2017
Comments Due:
Email Questions to:
Author(s)
Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)
Announcement
NIST announces the second public comment release of Draft Special Publication 800-190, Application Container Security Guide. Application container technologies, better known as containers, are a form of operating system virtualization combined with application software packaging. Draft (2nd) SP 800-190 explains the security benefits and concerns associated with container technologies and makes practical recommendations for addressing the concerns when planning for, implementing, and maintaining containers.
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security...
See full abstract
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Hide full abstract
Keywords
application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization
Control Families
Access Control; Configuration Management; System and Communications Protection; System and Information Integrity; Audit and Accountability; Awareness and Training; Identification and Authentication; Incident Response; Risk Assessment
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
