Application Container Security Guide

Murugiah P. Souppaya; John  Morello; Karen A. Scarfone

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

PUBLICATIONS

Application Container Security Guide

Published

September 25, 2017

Author(s)

Murugiah P. Souppaya, John Morello, Karen A. Scarfone

Abstract

Application container technologies, also known as containers, are a form of operating system virtualization combined with application software packaging. Containers provide a portable, reusable, and automatable way to package and run applications. This publication explains the potential security concerns associated with the use of containers and provides recommendations for addressing these concerns.

Citation

Special Publication (NIST SP) - 800-190

Report Number

800-190

NIST Pub Series

Special Publication (NIST SP)

Pub Type

NIST Pubs

Download Paper

DOI Link

Keywords

application, application container, application software packaging, container, container security, isolation, operating system virtualization, virtualization

Cloud computing and virtualization, Identity and access management, Configuration and vulnerability management, Cryptography, Risk management and Software defined and virtual networks

Created September 25, 2017, Updated January 27, 2020