Check Dependencies / Libraries during Container Build
When containers are built, the version numbers of all libraries and dependencies must be checked against an inventory of known vulnerabilities. This includes:
- Language runtimes (Java, Python, Node.js, etc.)
- Web server software (e.g., Apache, nginx, JBoss, Tomcat)
- Operating systems (RHEL, Windows, etc.)
- Component libraries
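A minimal build gate for the check described above, added here as an example and not taken from the original requirement. The advisory IDs, version ranges, the `examplelib` and `otherlib` names, and the inventory format are all constructed placeholders. A version that cannot be parsed fails the build, since it cannot be verified against the inventory.

```python
import re

# Constructed advisory inventory: placeholder IDs and ranges, not real advisories.
# A component is affected when introduced <= version < fixed.
ADVISORIES = [
    {"id": "EXAMPLE-0001", "kind": "runtime", "name": "python", "introduced": "3.9.0", "fixed": "3.9.7"},
    {"id": "EXAMPLE-0002", "kind": "webserver", "name": "nginx", "introduced": "1.20.0", "fixed": "1.20.2"},
    {"id": "EXAMPLE-0003", "kind": "library", "name": "examplelib", "introduced": "0", "fixed": "2.4.1"},
]
# Constructed inventory of what one image build contains.
SAMPLE_BUILD = [
    {"kind": "runtime", "name": "python", "version": "3.9.5"},
    {"kind": "webserver", "name": "nginx", "version": "1.20.2-r1"},
    {"kind": "os", "name": "rhel", "version": "8.6"},
    {"kind": "library", "name": "examplelib", "version": "2.4"},
    {"kind": "library", "name": "otherlib", "version": "latest"},
]

def parse_version(text):
    """'1.20.2-r1' -> (1, 20, 2); trailing zeros dropped so '3.9' == '3.9.0'."""
    m = re.match(r"\d+(?:\.\d+)*", text.strip())
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = [int(p) for p in m.group(0).split(".")]
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def check_build(components, advisories=ADVISORIES):
    """Return (name, version, advisory id) for every affected component."""
    findings = []
    for comp in components:
        try:
            v = parse_version(comp["version"])
        except ValueError:
            # Fail closed: a floating tag such as 'latest' cannot be checked.
            findings.append((comp["name"], comp["version"], "UNVERIFIABLE"))
            continue
        for adv in advisories:
            if (adv["kind"], adv["name"]) != (comp["kind"], comp["name"]):
                continue
            if parse_version(adv["introduced"]) <= v < parse_version(adv["fixed"]):
                findings.append((comp["name"], comp["version"], adv["id"]))
    return findings

def gate(components):
    """Exit status for the build step: 0 passes, 1 blocks the image."""
    findings = check_build(components)
    return (1 if findings else 0), findings
```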
Operator Input
- This is a requirement raised by Total
- ConocoPhillips has raised OWASP Top 10 and STRIDE as recommendations.