Secure containers
Ping Government Identity Cloud Secure Containers are self-contained software packages that encapsulate Ping Identity software and relevant dependencies.
Secure containers protect against unauthorized access, tampering, and exploitation by leveraging isolation, encryption, and access control. Secure containers minimize attack surface and help protect sensitive data, application functionality, and underlying infrastructure.
Add-on compatibility
The following add-ons are not guaranteed to work with secure containers:
-
Kits
-
Marketplace nodes
-
Marketplace connectors
Middleware
Secure containers run on the following middleware:
All container images |
RedHat UBI |
PingAM |
Tomcat; JDK |
PingDS |
JDK |
PingGateway |
JDK |
PingIDM |
JDK |
Platform UI |
NGINX; JDK |
PingFederate |
GETTEXT; JQ; OPENJDK; OPENJDK-DEVEL |
PingDirectory |
GETTEXT; JQ; OPENJDK; OPENJDK-DEVEL; Tomcat |
PingAM |
GETTEXT; JQ; OPENJDK; OPENJDK-DEVEL |
PingCentral |
GETTEXT; JQ; OPENJDK; OPENJDK-DEVEL |
PingAuthorize |
GETTEXT; JQ; OPENJDK; OPENJDK-DEVEL |
Security and maintenance
Secure containers are updated monthly to include the latest versions of container-ready base images, products, and middleware.
-
A secure container is created and undergoes a comprehensive vulnerability scan.
-
Any identified vulnerabilities are triaged and documented if they cannot be immediately resolved.
-
The container image and its corresponding vulnerability documentation are published and available to users.
Secure container distribution
Secure containers are distributed as Docker images.
The following links provide background, context, and details:
-
Accessing Ping Identity secure containers (sign-on required)
-
Docker image hardening guide (sign-on required)
-
Ping Identity security hardening guides (sign-on required)