----- Original Message -----
From: "Shawn Wells" shawn@redhat.com
To: scap-security-guide@lists.fedorahosted.org
Sent: Thursday, October 20, 2016 2:45:39 PM
Subject: Re: VMs, containers vs. bare-metal machines in SSG
[snip]
Really like the idea of CPEs. We can always work with NIST to get extra CPEs added.... but wouldn't that mean creation of redhat:docker, redhat:openshift, Docker:docker, pivotal:cloudfoundry, etc?
I'd like for SSG to be agnostic of the tech so I would go for CPE ID for container-image and that will be applicable when scanning docker images, rkt images, plain LXC images, etc... Same with vm-image, applicable on all offline virtual machine scanning, regardless of what is powering the VM or how it's stored.