# OWASP Top 10 CI/CD Security Risks ja

This is the unofficial Japanese translation of the [OWASP Top 10 CI/CD Security Risks](https://github.com/OWASP/www-project-top-10-ci-cd-security-risks).

* Document Site - <https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/>
* Document Repository - <https://github.com/coky-t/owasp-top-10-ci-cd-security-risks-ja>

### Originator

* Project Site - <https://owasp.org/www-project-top-10-ci-cd-security-risks/>
* Project Repository - <https://github.com/OWASP/www-project-top-10-ci-cd-security-risks>
* Project Repository - <https://github.com/cider-security-research/top-10-cicd-security-risks>

## OWASP Top 10 CI/CD セキュリティリスク 日本語版

* [OWASP Top 10 CI/CD セキュリティリスク](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/index)
* [リーダー](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/leaders)
* [CICD-SEC-1](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-01-insufficient-flow-control-mechanisms): 不十分なフロー制御メカニズム (Insufficient Flow Control Mechanisms)
* [CICD-SEC-2](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-02-inadequate-identity-and-access-management): 不十分な ID およびアクセス管理 (Inadequate Identity and Access Management)
* [CICD-SEC-3](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-03-dependency-chain-abuse): 依存チェーンの悪用 (Dependency Chain Abuse)
* [CICD-SEC-4](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-04-poisoned-pipeline-execution): 有毒なパイプライン実行 (Poisoned Pipeline Execution (PPE))
* [CICD-SEC-5](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-05-insufficient-pbac): 不十分なパイプラインベースのアクセス制御 (Insufficient PBAC (Pipeline-Based Access Controls))
* [CICD-SEC-6](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-06-insufficient-credential-hygiene): 不十分な認証情報衛生 (Insufficient Credential Hygiene)
* [CICD-SEC-7](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-07-insecure-system-configuration): 安全でないシステム構成 (Insecure System Configuration)
* [CICD-SEC-8](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-08-ungoverned-usage-of-3rd-party-services): サードパーティサービスの無秩序な使用 (Ungoverned Usage of 3rd Party Services)
* [CICD-SEC-9](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-09-improper-artifact-integrity-validation): 不適切なアーティファクト完全性バリデーション (Improper Artifact Integrity Validation)
* [CICD-SEC-10](https://coky-t.gitbook.io/owasp-top-10-ci-cd-security-risks-ja/owasp-top-10-cicd-sekyuritirisuku/cicd-sec-10-insufficient-logging-and-visibility): 不十分なログ記録と可視化 (Insufficient Logging and Visibility)

## License

[Creative Commons Attribution-ShareAlike 4.0 International](https://creativecommons.org/licenses/by-sa/4.0/)

## Translator (Japanese)

[Koki Takeyama](https://github.com/coky-t)

* Document Site - <https://coky-t.gitbook.io/owasp-docs-ja/>
* Document Repository - <https://github.com/coky-t/owasp-docs-ja>