Serverless Security at Serverless Conf

Guy Podjarny's avatar Guy Podjarny

Today I had the pleasure of presenting at the amazing ServerlessConf in Austin, Texas about security in a serverless world.

Serverless is a fundamental evolution of cloud computing, and we are forming best practices and tooling as we speak. It’s critical that we make security a core part of these practices, and—as many repeated during the conference—security is not discussed nearly enough.

A huge thanks to the team at A Cloud Guru who organises ServerlessConf for giving me the opportunity to discuss where Serverless helps security and where it hurts, and what security areas you still need to protect.

The video and slides from my talk, “Serverless Security: What’s Left to Protect?” are below. For even more about how serverless impacts security, you can read my recent post about serverless security implications.

Video:

Slides:

Which of the OWASP Top 10 Caused the World’s Biggest Data Breaches?

May 10, 2017

The OWASP Top 10 is a well known index of web app security vulnerabilities which is used every day by security professionals, but it doesn't currently take into account how often those vulnerabilities are used by hackers. We dug through security breach records to see which vulnerabilities are exploited most frequently.

Introducing Snyk for Serverless

April 26, 2017

Today we're excited to announce Snyk's new solution for securing your serverless functions, designed to easily integrate and protect serverless-based applications! The initial launch features tight integration with both AWS Lambda and Heroku. We're also working closely with Google, Red Hat and others to integrate directly with their platforms in the coming months.

Subscribe to The Secure Developer Podcast

A podcast about security for developers, covering tools and best practices.

Find out more

Interested in web security?

Subscribe to our newsletter:

Get realtime updates and fixes for JavaScript, Ruby and Java vulnerabilities that affect your applications