Overview
Explore serverless technology security risks in this Black Hat conference talk. Delve into the primary threat of event injection across various event types, including emails, logs, files, and even Alexa. Learn about the shared responsibility model in serverless architectures and examine real-world examples from AWS, Slack, and other cloud services. Gain insights into potential vulnerabilities in cloud storage, databases, and email systems within serverless environments. Understand the implications of passing security threats to cloud providers and the importance of maintaining vigilance in serverless application security.
Syllabus
Intro
Flight Ordering
Who am I
Disclaimer
What is Serverless
Who is using Serverless
Serverless Trends
Containers
Shared Responsibility
Service
Cloud Access
AWS Example
Slack Example
Chatboard Example
Database Example
Cloud Storage Example
Email Example
Taught by
Black Hat