Skip to content
Catalogs
XCCDF
Container Platform Security Requirements Guide
SRG-APP-000450
The container platform must implement organization-defined security safeguards to protect system CPU and memory from resource depletion and unauthorized code execution.
The container platform must implement organization-defined security safeguards to protect system CPU and memory from resource depletion and unauthorized code execution. An XCCDF Rule
The container platform must implement organization-defined security safeguards to protect system CPU and memory from resource depletion and unauthorized code execution.
Medium Severity
<VulnDiscussion>The execution of images within the container platform runtime must implement organizational defined security safeguards to prevent distributed denial-of-service (DDOS) and other possible attacks against the container image at runtime.
Security safeguards employed to protect memory and CPU include, for example, data execution prevention and address space layout randomization. Data execution prevention safeguards can be software-enforced. Other means of protection are to limit memory and CPU resources to a container.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>