NIST SP 800-190, also known as “Application Container Security Guide,” is a publication released by the National Institute of Standards and Technology (NIST) of the United States Department of Commerce. This document provides guidelines and recommendations for securing containers in application deployment environments.

Containers are a popular technology for application development and deployment, and the guide provides advice for securing the container platform and the applications deployed within containers. The guide covers topics such as securing the host operating system, securing the container platform and runtime, securing the application code and data within containers, and securing the network connections between containers. The guide is intended for security practitioners, system administrators, and developers who are responsible for securing applications deployed within containers.

NIST SP 800-190 provides guidelines and recommendations for securing containers in application deployment environments, but it is not a formal set of requirements. However, some of the key security considerations outlined in the guide include:

1. Securing the host operating system: The host operating system should be hardened and updated regularly to minimize vulnerabilities.
2. Securing the container platform and runtime: The container platform and runtime should be configured securely and updated regularly to minimize vulnerabilities.
3. Securing the application code and data within containers: The application code and data should be stored securely and should be accessed only by authorized users.
4. Securing the network connections between containers: The network connections between containers should be secured to prevent unauthorized access and data theft.
5. Monitoring and logging: Monitoring and logging should be used to detect and respond to security incidents and to track changes to the container environment.

These are just a few of the security considerations outlined in NIST SP 800-190, and the guide provides additional details and recommendations for each of these areas. It is important to note that while NIST SP 800-190 provides useful guidelines, it is not a formal set of requirements and organizations may need to consider additional security controls to meet their specific needs and requirements.

There are several tools that can be used to help remediate the guidelines and recommendations outlined in NIST SP 800-190. Some of these tools include:

1. Container management platforms: Container management platforms such as Docker, Kubernetes, and OpenShift provide features for managing and securing containers. These platforms can be used to deploy containers, manage network connections, and monitor and log container activity.
2. Container security tools: Container security tools such as Aqua Security, StackRox, and Sysdig can be used to secure containers and the applications deployed within them. These tools can help to secure the host operating system, the container platform and runtime, and the application code and data within containers.
3. Configuration management tools: Configuration management tools such as Ansible, Chef, and Puppet can be used to automate the deployment of containers and the configuration of the host operating system and container platform. These tools can help to ensure that the host operating system and container platform are configured securely and consistently across multiple environments.
4. Vulnerability scanning tools: Vulnerability scanning tools such as Nessus, OpenVAS, and Qualys can be used to scan containers and the applications deployed within them for known vulnerabilities. These tools can help to identify and remediate vulnerabilities in the host operating system, the container platform and runtime, and the application code and data within containers.

These are just a few examples of tools that can be used to help remediate the guidelines and recommendations outlined in NIST SP 800-190. The specific tools that are used will depend on the specific needs and requirements of each organization.