Date Published: September 2017
Planning Note (09/04/2020):
A Japanese translation of this publication is now available from the Information-technology Promotion Agency (IPA), Japan.
(DISCLAIMER: This translation is not an official U.S. Government or NIST translation. The U.S. Government does not make any representations as to the accuracy of the translation. The official publication is available at https://doi.org/10.6028/NIST.SP.800-190.)
Author(s)
Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security...
See full abstract
Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.
Hide full abstract
Keywords
application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization
Control Families
Access Control; Awareness and Training; Audit and Accountability; Configuration Management; Identification and Authentication; Incident Response; Risk Assessment; System and Communications Protection; System and Information Integrity
