This gives an overview of gateway security measures.
The gateway appliance is packaged as a VMware Open Virtual Appliance (OVA). The appliance runs a hardened version of Ubuntu 20.04.
The operating system and Kubernetes are hardened to meet several industry standard security requirements, including:
Center for Internet Security (CIS) security benchmarks.
Open Web Application Security Project® (OWASP) best practices for containers.
Community-sourced hardening checks, such as:
Secure container images
All container images are hosted securely in Google Artifact Registry. A set of rigorous vulnerability scans are applied to container images, including:
See the Security Reference for more information.