76 SWEG / SEI - Next Steps

reportActive / Technical Report | Accesssion Number: AD1137192 | Open PDF

Abstract:

Research has confirmed that attackers generally dont exploit the software base (container). Most attacks are against vulnerabilities created by the configuration of the deployment. Pipeline administrators are faced with many complex and interdependent configuration choices that are critical to maintaining the security expected from hardened containers.

Author(s):
No Author(s) Identified
Author Organization(s):
CARNEGIE-MELLON UNIV PITTSBURGH PA
Funding Organization(s):
AIR FORCE LIFE CYCLE MANAGEMENT CENTER HANSCOM AFB MA, HANSCOM AFB , MA
Document Type:
Technical Report/Briefing Charts
Publication Date:
2020 Jan 01
Pagination:
9

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution Code:
A - Approved For Public Release
Distribution Statement: Public Release

RECORD

Collection: TRECMS
Identifying Numbers
Contract Number(s):
FA8702-15-D-0002
Subject Terms
Modernization Areas:
Cyber
Communities of Interest:
Engineered Resilient Systems
Descriptor(s):
department of defense, deployment, engineering, guidance, hardening, materials, pipelines, security, software development, universities, vulnerability, guarantees, containers, patents
Keyword(s):
SEI(Software Engineering Institute), SWEG team work processes and environment, 76 SWEG, ensure secure configuration of Gitlab and ArgoCD, planned deployment architecture
Subject Categories:
Military Sciences
Creation Date:
2021 Jul 02
Update Date:
2021 Sep 21