Overview
Most of the software security flaws were found at deployment implementations due to insecure configurations in the environment. Software security flaws can be introduced by:
Not identifying security requirements up front
Introducing flaws during maintenance or updating
Reviewing process with the checklists
The review process is simply cross-checking the implemented code with the checklist. The checklist were categorized per critical implementation checkpoints. Each of checkpoints were listed below:
Kubernetes Security
Implement appropriate configurations based on https://cheatsheetseries.owasp.org/cheatsheets/Kubernetes_Security_Cheat_Sheet.html.
Microservices Security
Implement appropriate deployment model and configuration based on https://cheatsheetseries.owasp.org/cheatsheets/Microservices_security.html.
Attachments:
2df9b06a-b050-426a-80bd-f0acda42ce58 (image/png)
877582b7-39f1-43ce-9a17-7c845066f169 (image/png)
85cccca9-b516-4dde-ab8f-f8a2babb7aa9 (image/png)