Serverless Security And The Weakest Link (Or How Not to Get Nuked by App-DoS)

Here’s a short blog post on design-for-failure, serverless scalability, App layer DoS and what happens when you rely on open source 3rd party libraries.

If It Happened To Facebook…

Earlier today, Facebook released a blog post regarding a recently discovered vulnerability in their platform, which apparently got exploited by attackers. Here’s an excerpt from the Facebook blog:

Applying ROP Chaining Concepts to Serverless Functions

A couple of weeks ago, I gave a talk on serverless security at Check Point. After my talk, Ohad Bobrov (VP, Enterprise Mobility at Check Point) approached me, and mentioned that he sees some resemblance between the ROP chaining exploitation techni…