Documentation - V-233233

V-233233

Container Platform Security Requirements Guide

CAT II

Title

The container platform registry must contain the latest images with most recent security-relevant software updates within 30 days unless the time period is directed by an authoritative source (e.g., IAVM, CTOs, DTMs, STIGs).

Description

<VulnDiscussion>Software supporting the container platform, images in the registry must stay up to date with the latest patches, service packs, and hot fixes. Not updating the container platform and container images will expose the organization to vulnerabilities. Flaws discovered during security assessments, continuous monitoring, incident response activities, or information system error handling must also be addressed expeditiously. Organization-defined time periods for updating security-rel...

Fix Text (Documentation Requirement)

Configure the container platform registry to use an approved vendor repository to ensure the latest images containing security-relevant updates are installed within 30 days unless a time period is directed by an authoritative source (IAVM, CTOs, DTMs, STIGs, etc.).

View Full STIG Details →

Documentation Status

Status

Documented Verified - link to a ship document Awaiting Review Evidence submitted, needs verification Pending Needs documentation Not Required Documentation not needed Not Applicable STIG doesn't apply

Notes (Optional)

Cancel