STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Container Platform Security Requirements Guide

V-233229

CAT II (Medium)

The container platform must implement organization-defined security safeguards to protect system CPU and memory from resource depletion and unauthorized code execution.

Rule ID

SV-233229r961665_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-002824

Discussion

The execution of images within the container platform runtime must implement organizational defined security safeguards to prevent distributed denial-of-service (DDOS) and other possible attacks against the container image at runtime. Security safeguards employed to protect memory and CPU include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be software-enforced. Other means of protection are to limit memory and CPU resources to a container.

Check Content

Review the container platform configuration to determine if safeguards are in place to protect the system memory and CPU from resource depletion and unauthorized execution. 

If safeguards are not in place, this is a finding.

Fix Text

Configure the container platform to have safeguards in place to protect the system memory and CPU from resource depletion and unauthorized code execution.