OWASP Kubernetes Top Ten

About the Kubernetes Top 10

When adopting Kubernetes, we introduce new risks to our applications and infrastructure. The OWASP Kubernetes Top 10 is aimed at helping security practitioners, system administrators, and software developers prioritize risks around the Kubernetes ecosystem. The Top Ten is a prioritized list of these risks. In the future we hope for this to be backed by data collected from organizations varying in maturity and complexity.

Top 10 Kubernetes Risks - 2022

Getting Involved

Development, issues, and discussion all take place on the OWASP Kubernetes Top Ten GitHub repository. Join the conversation!


The Kubernetes OWASP Top 10 document is licensed under the CC BY-NC-SA 4.0, the Creative Commons Attribution-ShareAlike 4.0 license. Some rights reserved.

Project Leaders


Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.