SP 800-190

Application Container Security Guide

Date Published: September 2017

Planning Note (9/4/2020):

A Japanese translation of this publication is now available from the Information-technology Promotion Agency (IPA), Japan.

(DISCLAIMER: This translation is not an official U.S. Government or NIST translation.  The U.S. Government does not make any representations as to the accuracy of the translation. The official publication is available at https://doi.org/10.6028/NIST.SP.800-190.)


Author(s)

Murugiah Souppaya (NIST), John Morello (Twistlock), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

application; application container; application software packaging; container; container security; isolation; operating system virtualization; virtualization
Control Families

Access Control; Configuration Management; System and Communications Protection; System and Information Integrity; Audit and Accountability; Awareness and Training; Identification and Authentication; Incident Response; Risk Assessment

Documentation

Publication:
SP 800-190 (DOI)
Local Download

Supplemental Material:
Japanese translation (unofficial--from IPA, Japan) (pdf)

Related NIST Publications:
NISTIR 8176
ITL Bulletin

Document History:
04/10/17: SP 800-190 (Draft)
07/13/17: SP 800-190 (Draft)
09/25/17: SP 800-190 (Final)

Topics

Security and Privacy
threats; vulnerability management

Technologies
cloud & virtualization; operating systems

Laws and Regulations
OMB Circular A-130