The Continuous Monitoring (CONMON) process of FedRAMP requires that all running workloads are scanned for vulnerabilities. These findings must be captured, shared with governing boards, and if needed remediated within pre-defined timeframes

The container scanning process is well defined in FedRAMP, we must simply ensure these new services are part of it

Done Criteria

• Vulnerability scans are performed on all running Kessel container images for CONMON