All videos
Opera view

Serverless security: defence against the dark arts

October 7, 2019

AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what's left for you to secure? Quite a bit it turns out.

The OWASP top 10 is as relevant to you as ever; DOS attacks are still a threat even if you can probably brute force your way through it as AWS auto-scales Lambda functions automatically; and did you know attackers can easily steal your AWS credentials via your application dependencies?

In addition to the traditional threats, serverless applications have more granular deployment units and therefore there are more things to configure and secure, and the tools and practices are still catching up with this fast-changing world.

Join us in this talk to learn more about the security threats that will affect your serverless application and some leading practices that help you combat these threats.

Tags

Cloud AWS Serverless

About the speaker

Yan Cui

Yan Cui

AWS Serverless Hero and the author of Production-Ready Serverless
Yan is an experienced engineer who has run production workload at scale in AWS for over 10 years. He has been an architect and principal…
Read more

Other videos that you might like

fallback image
Cloud
On Track with Apache Kafka
Robin Moffatt
fallback image
Cloud
Serverless 2.0 with Cloudstate.io
Sean Walsh
fallback image
Cloud
Cloud Architecture – Lessons learned
Scott Saltsgaver
fallback image
Cloud
Impedance Matching Legacy Apps to Prometheus Monitoring: Techniques and Challenges
Greg Herlein, David Wang
All videos