As the leader in serverless security, PureSec is excited to announce that it has initiated work on a new OWASP incubator project that will identify some of the more critical risks related to cloud-native applications.
The document will raise awareness and create a baseline for application security in modern cloud-based application architectures such as serverless computing, container-based applications and micro-services. The ‘OWASP Top 10 for Web Application Security Risks’ project is referenced by many standards, books, tools, and organizations, including MITRE, PCI DSS, DISA, FTC, and many more.
Cloud-native technologies enable organizations to build scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Serverless computing, containers, service meshes, micro-services, immutable infrastructure, and declarative APIs are examples of this approach.
“Cloud-native applications enable fundamental new approaches to designing and building software. However, they also introduce many new security challenges, which is why we decided it was time to initiate and lead this project”, said Ory Segal, CTO and co-founder at PureSec. “PureSec is planning to merge the contents of our “Serverless Security Top 10” guide, which we published earlier this year, into this broader cloud-native guide”.
The original Serverless Security Top 10 (2018) guide was developed by PureSec with contributions and peer-review from organizations such as: IBM, iRobot, Denim Group, Cisco, Nordstrom, Asurion, Capital One, Microsoft, Check Point, A Cloud Guru and Cloud Academy.
PureSec is calling for interested organizations and individuals to participate and contribute by joining the project.