www-project-kubernetes-top-ten
www-project-kubernetes-top-ten copied to clipboard
OWASP
OWASP Foundation Web Respository
Fix [issue 53](https://github.com/OWASP/www-project-kubernetes-top-ten/issues/53): launching a pod with _automountServiceAccountToken_ set to **True** and inside the container tried to access to the secret resources.
Creating an Ingress Object without TLS certificates can be a security concern, as it may lead to potential vulnerabilities and data exposure. While TLS can be used for encryption, TLS...
I tired to replicate the Unnecessary use of LIST permission example attack but it does not work. I think the problem is that in the K8s version before 1.24, every...
Adding a quick description of tools (OPA Gatekeeper, Kyverno, and Kubewarden).
Hi, I added in an attack scenario for Insecure Workload Configurations. This attack scenario uses a compromised Pod to install and run Nmap to gain network visibility to the Clusters...
⚠️ This PR has been generated by [Arkadii Yakovets](https://github.com/arkid15r) as part of the [OWASP Schema](https://github.com/OWASP/nest-schema) initiative within [OWASP Nest](https://github.com/OWASP/Nest). ## OWASP Entity Information - **Project**: OWASP Kubernetes Top Ten -...
![owasp-nest[bot] avatar](https://avatars.githubusercontent.com/u/155815?v=4 "owasp-nest[bot] avatar"){kind=avatar}