STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Container Platform Security Requirements Guide

V-233072

CAT II (Medium)

The container platform registry must contain only container images for those capabilities being offered by the container platform.

Rule ID

SV-233072r960963_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-000381

Discussion

Allowing container images to reside within the container platform registry that are not essential to the capabilities being offered by the container platform becomes a potential security risk. By allowing these non-essential container images to exist, the possibility for accidental instantiation exists. The images may be unpatched, not supported, or offer non-approved capabilities. Those images for customer services are considered essential capabilities.

Check Content

Review the container platform registry and the container images being stored. 

If container images are stored in the registry and are not being used to offer container platform capabilities, this is a finding.

Fix Text

Remove all container images from the container platform registry that are not being used or contain features and functions not supported by the platform.