I have some thoughts here, if the team needs their tool to be well recognized, they must adopt any of the industry best practices for security benchmarks.
As I believe that the software should address security concerns, as it addresses performance concerns, or its intended business need.
Security is the hot potato, by which companies are leveraging and developing their spaces in the market. It is one of the key principles by which big companies are deciding to go forward or reject new software.
Beginning with the Container Security, I suggest NIST Special Publication 800-190 for Container Security to be adopted; "https://csrc.nist.gov/pubs/sp/800/190/final"
While NIST publications/standards are extremely recognized and followed in the US, they are considered an industry best practice worldwide.
Beginning with the Container Security, I suggest NIST Special Publication 800-190 for Container Security to be adopted; "https://csrc.nist.gov/pubs/sp/800/190/final" While NIST publications/standards are extremely recognized and followed in the US, they are considered an industry best practice worldwide.
Thanks, Waleed Waheed. SR Mgr GRC, RSA Security.