STIGQter: STIG Summary: Container Platform Security Requirements Guide Version: 1 Release: 1 Benchmark Date: 20 Nov 2020:

The container platform must verify container images.

DISA Rule

SV-233065r599553_rule

Vulnerability Number

V-233065

Group Title

SRG-APP-000131

Rule Version

SRG-APP-000131-CTR-000285

Severity

CAT II

CCI(s)

• CCI-001749 - The information system prevents the installation of organization-defined software components without verification the software component has been digitally signed using a certificate that is recognized and approved by the organization.

Weight

10

Fix Recommendation

Configure the container platform to verify container images are digitally signed and the signature is from a recognized and approved source.

Check Contents

Review the container platform configuration to determine if container images are verified by enforcing image signing and that the image is signed recognized by an approved source.

If container images are not verified or the signature is not verified as a recognized and approved source, this is a finding.

Vulnerability Number

V-233065

Documentable

False

Rule Version

SRG-APP-000131-CTR-000285

Severity Override Guidance

Review the container platform configuration to determine if container images are verified by enforcing image signing and that the image is signed recognized by an approved source.

If container images are not verified or the signature is not verified as a recognized and approved source, this is a finding.

Check Content Reference

M

Target Key

5239

Comments