Easy access to all the Government news updates

Subscribe and receive personalized news articles straight in your inbox

*By clicking "Join us now" you agree to receive emails, promotions and general messages from ExecutiveGov. In addition, you also agree to ExecutiveGov's Privacy Policy and Terms & Conditions.


FedRAMP Issues Guidance for Container-Based Cloud Vulnerability Scanning

1 min read
AWS Secret Region IL-6
AWS Secret Region IL-6

The Federal Risk and Authorization Management Program (FedRAMP) has released a document for vulnerability scanning procedures involving container technology for cloud environments.

FedRAMP said Tuesday that the Vulnerability Scanning Requirements for Containers guidance details standards for security considerations, processes and architectures in line with the assessments of cloud service providers during a technical exchange meeting.

The requirements are applicable to systems implementing containerization concepts including security sensors, hardened images, registry monitoring, asset management and orchestration.

According to the document, such guidelines are meant to address risks to containerization technology such as nonstandard configurations, invalidated external software, unauthorized access, unmanaged repositories and unmonitored communications between containers.

The guide also serves as a supplement for scanning requirements detailed in the FedRAMP Continuous Monitoring Strategy Guide.

ExecutiveGov Logo

Sign Up Now! Executive Gov provides you with Free Daily Updates and News Briefings about Government Technology