CCC.CntrReg.C01: Implement Vulnerability Scanning for Artifacts

Control ID: CCC.CntrReg.C01
Title: Implement Vulnerability Scanning for Artifacts
Objective: Ensure that container images and artifacts stored in the container registry are scanned for vulnerabilities to identify and remediate security issues before deployment.
Control Family: Risk Management

Related Threats

| ID | Title | Description | External Mappings | Capability Mappings | Control Mappings |
|---|---|---|---|---|---|
| CCC.CntrReg.TH01 | Vulnerabilities in Artifacts are Exploited | Attackers exploit known vulnerabilities in container images or artifacts stored in the registry, leading to unauthorized access, data breaches, or system compromise. | 1 | 1 | 0 |

Related Capabilities

| ID | Title | Description |
|---|---|---|
| CCC.CntrReg.F05 | Image Scanning | Provides vulnerability scanning for container images (built-in or through integration to scanning services) to detect security issues and generate reports for known CVEs (Common Vulnerabilities and Exposures). |

Guideline Mappings

| Reference ID | Entry ID | Strength | Remarks |
|---|---|---|---|
| NIST-CSF | ID.RA-1 | 0 | - |
| NIST_800_53 | RA-5 | 0 | - |
| NIST_800_53 | SI-5 | 0 | - |

Assessment Requirements

| ID | Description | Applicability |
|---|---|---|
| CCC.CntrReg.C01.TR01 | Attempt to push an artifact with known vulnerabilities to the registry and observe if it is flagged or rejected by the vulnerability scanning process. | tlp-red, tlp-amber |