SP 800-190

Application Container Security Guide

Date Published: September 2017

Author(s)

Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.

Keywords

application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization;

Control Families

Access Control; Configuration Management; System and Communications Protection; System and Information Integrity; Audit and Accountability; Awareness and Training; Identification and Authentication; Incident Response; Risk Assessment;

Documentation

Publication:
SP 800-190 (DOI)
Local Download

Supplemental Material:
None available

Related NIST Publications:
NISTIR 8176 (DRAFT)

Topics

Security and Privacy
threats; vulnerability management

Technologies
cloud & virtualization; operating systems; software

Laws and Regulations
OMB Circular A-130

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

SP 800-190

Application Container Security Guide

Author(s)

Abstract

Keywords

Control Families

Documentation

Topics

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

Computer Security Resource Center

Computer Security Resource Center

Computer SecurityResource Center

SP 800-190

Application Container Security Guide

Author(s)

Abstract

Keywords

Control Families

Documentation

Topics

Computer Security
Resource Center