OWASP ‘ServerlessGoat’: A Vulnerable Demo Serverless Application

 

Throughout the years, the concept of creating vulnerable applications for learning and demonstrating application security concepts has become common practice. Years ago, OWASP launched the WebGoat&… Continue reading OWASP ‘ServerlessGoat’: A Vulnerable Demo Serverless Application

Tracing AWS SDK Calls With No Code Changes for AWS Lambda Security

There is a lot of buzz around Lambda function monitoring. You can find about a dozen companies that will provide you with very nice tools for debugging, profiling and monitoring of your AWS Lambda functions. AWS also offers its own services that c… Continue reading Tracing AWS SDK Calls With No Code Changes for AWS Lambda Security

PureSec Collaborates with Amazon Web Services to Provide Zero-Overhead Application Security for AWS Lambda Customers

The new PureSec protection layer for AWS Lambda is designed to help AWS customers further secure their serverless applications against cyber-attacks with minimal effort and no operational overhead
TEL AVIV, Israel, November 29, 2018 — PureSec, to… Continue reading PureSec Collaborates with Amazon Web Services to Provide Zero-Overhead Application Security for AWS Lambda Customers

AWS Security Best Practices: Lambda DoS Mitigation Strategies

Overview
How to avoid DoS and design resilient serverless applications is one of the most common topics we hear when discussing AWS Lambda security with organizations that are in the process of adopting serverless architectures.
The post AWS Secur… Continue reading AWS Security Best Practices: Lambda DoS Mitigation Strategies

AWS Security Best Practices: AWS Lambda Security – Design for Failure

For security experts, the terms “Remote Code Execution” (RCE) or “Arbitrary Code Execution” make the hairs on the back of their neck stand on end. This is because RCE is among the worst-case scenarios of a cyber attack – a… Continue reading AWS Security Best Practices: AWS Lambda Security – Design for Failure

Talking Serverless And AWS Lambda Security With Jeff Forristal

Introduction
In my previous blog interview with Jeremiah Grossman, I mentioned that throughout the years, I befriended a small group of people, with whom every discussion is always intriguing, challenging and truly inspiring. Jeff Forristal … Continue reading Talking Serverless And AWS Lambda Security With Jeff Forristal