Understand the new 30-day scanning window
Track your containers through production
Determine the use of hardened base images
FedRAMP covers at least 325
security controls as defined by NIST for a “Moderate” impact system and 421 controls for a “High” impact system.
The clock is ticking. The recently released FedRAMP Vulnerability Scanning Requirements for Containers details a number of new requirements that applications must meet within 6 months. These new requirements are specific to containerized applications and are in addition to existing FedRAMP controls.
Integrate scans across the container lifecycle