FedRAMP Issues Guidance for Container-Based Cloud Vulnerability Scanning

FedRAMP Issues Guidance for Container-Based Cloud Vulnerability Scanning
AWS Secret Region IL-6

The Federal Risk and Authorization Management Program (FedRAMP) has released a document for vulnerability scanning procedures involving container technology for cloud environments.

FedRAMP said Tuesday that the Vulnerability Scanning Requirements for Containers guidance details standards for security considerations, processes and architectures in line with the assessments of cloud service providers during a technical exchange meeting.

The requirements are applicable to systems implementing containerization concepts including security sensors, hardened images, registry monitoring, asset management and orchestration.

According to the document, such guidelines are meant to address risks to containerization technology such as nonstandard configurations, invalidated external software, unauthorized access, unmanaged repositories and unmonitored communications between containers.

The guide also serves as a supplement for scanning requirements detailed in the FedRAMP Continuous Monitoring Strategy Guide.

You may also be interested in...

Anthony Iasso

Anthony Iasso Named Xator CTO; CEO David Scott Quoted

The Xator Corporation announced on Friday that Anthony Iasso has been appointed the company’s new chief technology officer. Xator CEO David Scott elaborated that Iasso would take advantage of Xator’s key investments in the company’s acquisitions and tech capabilities to further propel its solution offerings for its customers.