Date Published: September 2017
Author(s)
Murugiah Souppaya (NIST),
John Morello (Twistlock),
Karen Scarfone (Scarfone Cybersecurity)
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security con...
See full abstract
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Hide full abstract
Keywords
application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization;
Control Families
Access Control;
Configuration Management;
System and Communications Protection;
System and Information Integrity;
Audit and Accountability;
Awareness and Training;
Identification and Authentication;
Incident Response;
Risk Assessment;