OWASP Cloud ‐ 10/Initial Pre-Alpha List of OWASP Cloud Top 10 Security Risks

Initial pre-alpha list of OWASP Cloud Top 10 Security Risks
 Table 1: Top 10 Cloud - Security Risks 

Other OWASP Cloud-10 Candidates

 * exposure to non-prod and internal environments
 * Integration between cloud and internally hosted services
 * Patching and Vulnerability Management
 * Lack of Transparency in Internal Security Controls and difficulty/complexity of auditing
 * Enterprise Intranets exposed directly on Internet (if they move on a Public Cloud)

This needs to be debated and for each of these we may need to add a separate page-holder with the following details.


 * Various Risk Scenarios
 * Real World Examples
 * Possible Mitigation and Security Controls
 * Reference to any related Incident