STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Container Platform Security Requirements Guide

V-233065

CAT II (Medium)

The container platform must verify container images.

Rule ID

SV-233065r981844_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-003992

Discussion

The container platform must be capable of validating container images are signed and that the digital signature is from a recognized and approved source approved by the organization. Allowing any container image to be introduced into the registry and instantiated into a container can allow for services to be introduced that are not trusted and may contain malicious code, which introduces unwanted services. These unwanted services can cause harm and security risks to the hosting server, the container platform, other services running within the container platform, and the overall organization.

Check Content

Review the container platform configuration to determine if container images are verified by enforcing image signing and that the image is signed recognized by an approved source. 

If container images are not verified or the signature is not verified as a recognized and approved source, this is a finding.

Fix Text

Configure the container platform to verify container images are digitally signed and the signature is from a recognized and approved source.