layout | title | tags | level | type | pitch |
---|---|---|---|---|---|
col-sidebar | OWASP Non-Human Identities Top 10 | example-tag | 2 | documentation | A very brief, one-line description of your project |
The Non-Human Identity (NHI) Top 10 is a comprehensive list of the most pressing security risks and vulnerabilities that non-human identities present to organizations. Non-human identities are widely used by developers to facilitate the creation of applications, and the project aims to help security professionals thoroughly understand their non-human attack surface so they can better protect and manage it. The project covers thorough explanations of the risks and their potential exploits, as well as actionable prevention practices and incident response playbooks.
- Submission of project proposal (Now)
- Reaching out to prominent contributors in the identity security space (Ongoing)
- Mapping out top X risks
- Data collection on chosen risks
- A public survey conducted in cooperation with the Cloud Security Alliance (CSA)
- Data assessment on real-life environments and platforms
- Aggregation of data and risk scoring
- Final draft of the top 10 risks alongside the above documentation efforts
- Round table with contributors and leaders to construct a roadmap towards project review and graduation to a Lab project (~6 months after project inception)