OWASP Cloud-Native Application Security Top 10 Flagship Project

Explore the OWASP Cloud-Native Application Security Top 10 Flagship Project in this informative conference talk presented by Ron Vider. Delve into the complexities of cloud-native application security and understand why a dedicated top 10 list is essential for this domain. Learn about key security risks such as insecure cloud configurations, injection flaws, improper authentication and authorization, and insecure secrets storage. Discover the importance of network policies, component vulnerabilities, asset management, resource quotas, and effective logging and monitoring in cloud-native environments. Gain insights into how you can contribute to this crucial OWASP project and enhance your understanding of cloud-native application security best practices.

Intro
About Me
Why Cloud Native Appsec Requires dedicated top 10 List?
What Makes Cloud Native Appsec Md Complex
Project Leaders
Insecure Cloud, Orchestration or Contain Configuration
injection Flaws
Improper Authentication Authorization
Insecure Secrets Storage
Over-permissive/Insecure network polic
Ualng components with known vulnerab
Improper assets management
Inadequate compute' resource quota in
ineffective logging & monitoring
Quick Recap
How You Can Contribute