There are several practices for making sure containers are secure and can pass a FedRAMP audit:
- Image Hardening
- CI/CD Pipeline
- Asset Management and Inventory Reporting
- Vulnerability Scanning
- Encryption of data in transit and data at rest
- Network separation
- Authentication and authorization
- Audit logging
- System backups