Serverless: Three Revolutions Wrapped in One Buzzword

Serverless is actually 3 different revolutions with 3 different core values: infrastructure, architecture, & operations.
The post Serverless: Three Revolutions Wrapped in One Buzzword appeared first on Protego.

Weaknesses In Hybrid Serverless-Container Apps

One of the common use cases for serverless applications is to serve as an orchestration component for cloud applications. In such cases, serverless functions serve as the glue that holds everything together.

Securing Serverless – Blog Series – Episode 0x06 – Don’t Just Stand There…Do Something!

Wow, we’re already at the sixth installment of the “Securing Serverless” blog series. Here’s a quick recap of previous episodes:

Research Reveals That 21% of Open Source Serverless Applications Have Critical Vulnerabilities

Did you know that more than one in five serverless applications contain critical security vulnerabilities?
The post Research Reveals That 21% of Open Source Serverless Applications Have Critical Vulnerabilities appeared first on Security Boulevard.

Applying ROP Chaining Concepts to Serverless Functions

A couple of weeks ago, I gave a talk on serverless security at Check Point. After my talk, Ohad Bobrov (VP, Enterprise Mobility at Check Point) approached me, and mentioned that he sees some resemblance between the ROP chaining exploitation techni…

ReDoS Vulnerability in “AWS-Lambda-Multipart-Parser” Node Package

== Summary ==
The Node package “aws-lambda-multipart-parser” was found to be vulnerable to a ReDoS (Regular-Expression Denial of Service) attack vector. This vulnerability enables a malicious user to cause each AWS Lambda functio…