← Back to Container Platform Security Requirements Guide

V-233274

CAT II (Medium)

The container platform must be able to store and instantiate industry standard container images.

Rule ID

SV-233274r961863_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-000366

Discussion

Monitoring the container images and containers during their lifecycle is important to guarantee the container platform is secure. To monitor the containers and images, security tools can be put in place. To fully utilize the security tools available, using images formatted in an industry standard format should be used. This allows the tools to fully understand the images and containers. One standard being worked on by industry leaders in the container space is the Open Container Initiative (OCI). This group is developing a standard container image format.

Check Content

Review the container platform configuration and documentation to determine if the platform is configured to store and instantiate industry standard container images. 

If the container platform cannot instantiate industry standard container images, this is a finding.

Fix Text

Enable the container platform to store and instantiate industry standard container image formats.