Understand the new 30-day scanning window
FedRAMP covers at least 325
security controls as defined by NIST for a “Moderate” impact system and 421 controls for a “High” impact system.
The clock is ticking. The recently released FedRAMP Vulnerability Scanning Requirements for Containers details a number of new requirements that applications must meet within six months. These new requirements are specific to containerized applications and are in addition to existing FedRAMP controls.
In this checklist, you will:
•
•
•
•
Track your containers through production
Integrate scans across the container lifecycle
Determine the use of hardened base images