This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Category:OWASP Cloud ‐ 10 Project"
Vinaykbansal (talk | contribs) |
Vinaykbansal (talk | contribs) |
||
| Line 1: | Line 1: | ||
==== Main ==== | ==== Main ==== | ||
| + | ==Goal== | ||
Goal of the project is to maintain a list of top 10 security risks faced with the Cloud Computing and SaaS Models. List will be maintained by input from community, security experts and security incidences at cloud/SaaS providers. | Goal of the project is to maintain a list of top 10 security risks faced with the Cloud Computing and SaaS Models. List will be maintained by input from community, security experts and security incidences at cloud/SaaS providers. | ||
| + | |||
| + | |||
| + | ==Audience== | ||
| + | Audience for the project will be organizations planning on leveraging external cloud environment to host their applications or rent application in a SaaS model (Software as a Service). Aim of the "OWASP Cloud-10" list is to help balance security risks with the cost advantage that the Cloud and SaaS model provides. We expect the Cloud and SaaS providers to be indirect audience for "OWASP Cloud-10", when they try to showcase their security controls to potential customers against this list. | ||
| + | |||
| + | |||
| + | ==Managing OWASP Cloud-10 List== | ||
| + | “OWASP Cloud-10” list will be maintained by input from, community, security experts and security incidences at cloud/SaaS providers. | ||
| + | |||
| + | Each of the identified risk in "OWASP Cloud-10" will provide details on: | ||
| + | * Various Risk Scenarios | ||
| + | * Possible Mitigations and Security Controls | ||
| + | * Real World Examples | ||
| + | * Reference to any related Incident | ||
| + | |||
==== Project Identification ==== | ==== Project Identification ==== | ||
Revision as of 20:05, 13 July 2009
Main
Goal
Goal of the project is to maintain a list of top 10 security risks faced with the Cloud Computing and SaaS Models. List will be maintained by input from community, security experts and security incidences at cloud/SaaS providers.
Audience
Audience for the project will be organizations planning on leveraging external cloud environment to host their applications or rent application in a SaaS model (Software as a Service). Aim of the "OWASP Cloud-10" list is to help balance security risks with the cost advantage that the Cloud and SaaS model provides. We expect the Cloud and SaaS providers to be indirect audience for "OWASP Cloud-10", when they try to showcase their security controls to potential customers against this list.
Managing OWASP Cloud-10 List
“OWASP Cloud-10” list will be maintained by input from, community, security experts and security incidences at cloud/SaaS providers.
Each of the identified risk in "OWASP Cloud-10" will provide details on:
- Various Risk Scenarios
- Possible Mitigations and Security Controls
- Real World Examples
- Reference to any related Incident
Project Identification
Category:OWASP Cloud‐10 Project - Project Information Page
Contributors
Project Leader
Vinay Bansal
Project Contributors
Shankar Babu Chebrolu|
Martin Nystrom
Jim Born
Subcategories
This category has the following 2 subcategories, out of 2 total.
Pages in category "OWASP Cloud ‐ 10 Project"
The following 14 pages are in this category, out of 14 total.
C
- Cloud - Top 5 Risks with PAAS
- Cloud Top 5 Risks with IAAS
- Cloud-10 Accountability and Data Ownership
- Cloud-10 Incidence Analysis and Forensic Support
- Cloud-10 Infrastructure Security
- Cloud-10 Multi Tenancy and Physical Security
- Cloud-10 Regulatory Compliance
- Cloud-10 Risks with Cloud IT Foundation Tier
- Cloud-10 Risks with SaaS
- Cloud-10 Service and Data Integration
- Cloud-10 User Identity Federation
- Cloud-10 User Privacy and Secondary Usage of Data
