Room 1 

16:20 - 17:20 


Talk (60 min)

Introducing the OWASP Top 10 for Kubernetes

Given the growth and adoption of Kubernetes, a number of projects have been published in the OWASP community to help practitioners assess and secure the security of their containerized infrastructure including the recently released Top Ten for Kubernetes (

This OSS project is a community-curated list of the most common Kubernetes risks backed by data collected from organizations varying in maturity and complexity. This session will discuss the project in detail, examples for each of the risks in the list, and how you can get involved.

Steve Wade

Steve Wade is currently one of the founding engineers at KSOC, a Kubernetes security startup. Before his current role, Steve held Platform leadership roles at UnderWrite Me and Mettle. During these roles, he leveraged the concept of GitOps to provide self-service platforms to developers. He has also provided Kubernetes consultancy and training worldwide during his time as a Consultant at Apprenda. Steve has served in leadership roles across many verticals including real estate, gaming, and the UK parliament.

Steve has a BSc in Computer Science and is passionate about cloud-native software development and distributed computing. You can find him as @swade1987 on Twitter and GitHub.