Application Container Security Guide

Murugiah P. Souppaya; John  Morello; Karen  Scarfone

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

PUBLICATIONS

Application Container Security Guide

Published

September 25, 2017

Author(s)

Murugiah P. Souppaya, John Morello, Karen Scarfone

Abstract

Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.

Citation

Special Publication (NIST SP) - 800-190

Report Number

800-190

NIST Pub Series

Special Publication (NIST SP)

Pub Type

NIST Pubs

Download Paper

DOI Link

Keywords

application, application container, application software packaging, container, container security, isolation, operating system virtualization, virtualization

Software defined and virtual networks, Risk management, Identity and access management, Cryptography, Configuration and vulnerability management and Cloud computing and virtualization

Created September 25, 2017, Updated June 3, 2020