This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Cloud-Native Application Security Top 10

From OWASP
Revision as of 05:23, 20 September 2018 by Orysegal (talk | contribs)

Jump to: navigation, search
OWASP Project Header.jpg

Introduction

Cloud native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, cloud functions (serverless), service meshes, micro-services, immutable infrastructure, and declarative APIs exemplify this approach. Cloud-Native Applications is a fundamentally new and exciting approach to designing and building software. However, it also raises a completely new set of security challenges. For example, when you move to a microservice model, end-to-end visibility, monitoring and detection become more complex and difficult to execute.

Purpose

The primary goal of this document is to provide assistance and education for organizations looking to adopt Cloud-Native Applications. The guide provides information about what are the most prominent security risks for Cloud-Native applications, the challenges involved, and how to overcome them.

Licensing

This program is free software: you can redistribute it and/or modify it under the terms of the link GNU Affero General Public License 3.0 as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. OWASP Cloud-Native Application Security Top 10 and any contributions are Copyright © by OWASP 2018.

Project Sponsors

The project is sponsored by:

puresec


Getting Involved

You do not have to be a security expert or a programmer to contribute. Contact the Project Leader(s) to get involved, we welcome any type of suggestions and comments. Possible ways to get contribute:

  • We are actively looking for organizations and individuals that will provide vulnerability prevalence data.
  • Translation efforts (later stages)
  • Individuals and organizations that will contribute to the project will listed on the acknowledgments page.


Project Resources

TBD

Project Leader

Ory Segal

Related Projects

Classifications

Project Type Files DOC.jpg
Incubator Project Owasp-builders-small.png
Owasp-defenders-small.png
Creative Commons Attribution ShareAlike 3.0 License