Defending Cloud Native Apps Against the Serverless Top 10

Explore the critical aspects of serverless security in this 20-minute DevSecCon talk. Dive into the challenges of protecting serverless applications as they gain popularity among attackers. Learn about the OWASP Serverless Top 10 and its practical application in securing cloud-native apps. Examine a typical serverless application architecture, including lambda functions and containers, and understand its various layers such as code, infrastructure, runtime, and supply chain. Map potential risks to each layer based on the OWASP Top 10 list. Witness demonstrations of effective open-source tools that can help defend your application against these threats across all layers. Gain valuable insights into leveling up your serverless security practices to keep pace with rapid engineering advancements.