U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

SP 800-190 (Draft)

Application Container Security Guide (2nd Draft)

Date Published: July 2017
Comments Due: August 11, 2017 (public comment period is CLOSED)
Email Questions to: 800-190comments@nist.gov


Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)


NIST announces the second public comment release of Draft Special Publication 800-190, Application Container Security Guide. Application container technologies, better known as containers, are a form of operating system virtualization combined with application software packaging. Draft (2nd) SP 800-190 explains the security benefits and concerns associated with container technologies and makes practical recommendations for addressing the concerns when planning for, implementing, and maintaining containers.



application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization
Control Families

Access Control; Configuration Management; System and Communications Protection; System and Information Integrity; Audit and Accountability; Awareness and Training; Identification and Authentication; Incident Response; Risk Assessment


Draft (2nd) SP 800-190

Supplemental Material:
Comment Template (xls)

Related NIST Publications:
NISTIR 8176 (Draft)

Document History:
04/10/17: SP 800-190 (Draft)
07/13/17: SP 800-190 (Draft)
09/25/17: SP 800-190 (Final)


Security and Privacy
threats; vulnerability management

cloud & virtualization; operating systems

Laws and Regulations
OMB Circular A-130