# www-project-kubernetes-top-ten **Repository Path**: shadowedge/www-project-kubernetes-top-ten ## Basic Information - **Project Name**: www-project-kubernetes-top-ten - **Description**: kaokaokaokao - **Primary Language**: HTML - **License**: Not specified - **Default Branch**: main - **Homepage**: None - **GVP Project**: No ## Statistics - **Stars**: 0 - **Forks**: 0 - **Created**: 2022-08-04 - **Last Updated**: 2022-08-24 ## Categories & Tags **Categories**: Uncategorized **Tags**: None ## README ![OWASP Logo](https://owasp.org/assets/images/logo.png) # [OWASP Kubernetes Top 10](https://owasp.org/www-project-kubernetes-top-ten/) ## About the Kubernetes Top 10 When adopting [Kubernetes](https://kubernetes.io), we introduce new risks to our applications and infrastructure. The *OWASP Kubernetes Top 10* is aimed at helping security practitioners, system admistrators, and software developers prioroitze risks around the Kubernetes ecosystem. The Top Ten is a prioritized list of these risks backed by data collected from organizations varying in maturity and complexity. ### ToC * K00:2022 [Welcome to the Kubernetes Security Top Ten](2022/en/src/K00-introduction.md) * K01:2022 [Insecure Workload Configurations](2022/en/src/K01-insecure-workload-configurations.md) * K02:2022 [Supply Chain Vulnerabilities](2022/en/src/K02-supply-chain-vulnerabilities.md) * K03:2022 [Overly Permissive RBAC Configurations](2022/en/src/K03-overly-permissive-rbac.md) * K04:2022 [Lack of Centralized Policy Enforcement](2022/en/src/K04-policy-enforcement.md) * K05:2022 [Inadequate Logging and Monitoring](2022/en/src/K05-inadequate-logging.md) * K06:2022 [Broken Authentication Mechanisms](2022/en/src/K06-broken-authentication.md) * K07:2022 [Missing Network Segmentation Controls](2022/en/src/K07-network-segmentation.md) * K08:2022 [Secrets Management Failures](2022/en/src/K08-secrets-management.md) * K09:2022 [Misconfigured Cluster Components](2022/en/src/K09-misconfigured-cluster-components.md) * K10:2022 [Outdated and Vulnerable Kubernetes Components](2022/en/src/K10-vulnerable-components.md) * [Other Risks to Consider](2022/en/src/other-risks.md) ## Get Involved! Development of this document take place within the source repository on [Github](https://github.com/OWASP/www-project-kubernetes-top-ten). * We are actively looking for organizations and individuals that will provide Kubernetes vulnerability and misconfiguration data. * Translation efforts * Assisting in the development of related tools and projects - [OWASP Kubernetes Security Cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/Kubernetes_Security_Cheat_Sheet.html) - [OWASP Kubernetes Security Testing Guide](https://github.com/owasp/www-project-kubernetes-security-testing-guide) - [OWASP Docker Security Cheatsheet](https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html) [Slack](https://owasp.slack.com): [#project-k8s-top10](https://owasp.slack.com/messages/project-k8s-top10) channel (Coming Soon!)