OWASP Cloud-Native Application Security Top 10

Overview

Cloud-native technologies empower organizations to build and run scalable applications in modern, dynamic environments such as public, private, and hybrid clouds. Containers, cloud functions (serverless), service meshes, microservices, immutable infrastructure, and declarative APIs exemplify this approach. Cloud-native application development is a fundamentally new and exciting approach to designing and building software. However, it also raises a completely new set of security challenges. For example, when you move to a microservice model, end-to-end visibility, monitoring, and detection become more complex and difficult to execute.

The primary goal of this document is to provide assistance and education for organizations looking to adopt Cloud-Native Applications. The guide describes the most prominent security risks for Cloud-Native applications, the challenges involved, and how to overcome them.

Table of Contents

  • Foreword
  • Introduction
  • Release notes
  • Overview of Cloud-Native Applications
  • The shared model of security responsibility
  • Application security challenges in Cloud-Native applications
  • Overview of the Top 10
  • Top 10 (TBD)
  • What's next sections
  • Methodology & data
  • Acknowledgements