Title

The container platform must be able to store and instantiate industry standard container images. (Cat II impact)

Discussion

Monitoring the container images and containers during their lifecycle is important to guarantee the container platform is secure. To monitor the containers and images, security tools can be put in place. To fully utilize the security tools available, using images formatted in an industry standard format should be used. This allows the tools to fully understand the images and containers. One standard being worked on by industry leaders in the container space is the Open Container Initiative (OCI). This group is developing a standard container image format.

Check Content

Review the container platform configuration and documentation to determine if the platform is configured to store and instantiate industry standard container images. If the container platform cannot instantiate industry standard container images, this is a finding.

Fix Text

Enable the container platform to store and instantiate industry standard container image formats.

Additional Identifiers

Rule ID: SV-233274r879887_rule

Vulnerability ID: V-233274

Group Title: SRG-APP-000516

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.