OWASP Kubernetes Security Testing Guide

Creative Commons License

Our Vision

“Create a comprehensive manual for Kubernetes Cluster Security Assessment”

We are creating a comprehensive testing guide for Kubernetes cluster security assessment that covers a top down approach to assess the security of a cluster. The guide include methodology, tools, techniques and procedures (TTP) to execute an assessment that enables a tester to deliver consistent and complete results.


Kubernetes Security Testing Guide (KSTG)

The KSTG is (aims to be) a comprehensive manual for Kubernetes security analysts and red teamers. It aims to help DevSecOps Teams understand attacker TTPs and design effective countermeasures. KSTG propose to have the following high-level structure:

  1. Introduction to Kubernetes Architecture and its Components
  2. Kubernetes Cluster Threat Model
  3. Container Security Assessment
  4. Cluster Discovery and Recon
  5. Cluster Security Assessment
  6. Auditing against CIS Benchmarks

Kubernetes Security Testing Checklist

A checklist will be created based on the KSTG. This checklist is meant to be used as a reference by security testers during engagements.

Kubernetes Security Testing Tools



Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.

Project Roadmap


Community Meeting

  • Slack - TBD
  • Mailing list - TBD

Source Code

  • https://github.com/OWASP/www-project-kubernetes-security-testing-guide

How to contribute