Test and Verification -> Static depth for infrastructure: Check for new image version
Risk and Opportunity
Risk: When a new version of an image is available, it might fixes security vulnerabilities.
Opportunity: Check for new images of containers in production.
Exploit details
Usefullness: Low
Required knowledge: Medium (two disciplines)
Required time: Medium
Required resources (systems): Very Low
Additional Information
OWASP SAMM 2 Mapping: v-security-testing|A|2
ISO27001:2017 Controls Mapping: