From Zero to Cybersecurity Analyst

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Serverless Security - Attack & Defense

Hack In The Box Security Conference via YouTube

Start learning Write review

Overview

Explore serverless security attack vectors and defense strategies in this 51-minute conference talk from the Hack In The Box Security Conference. Delve into various aspects of serverless application security, focusing on AWS Lambda functions, with insights into Azure and GCP environments. Learn about publishing malicious NPM packages, validation errors in serverless applications, insecure defaults in Serverless framework, and potential Denial of Wallet attacks. Discover techniques for preventing these attacks through numerous demonstrations and practical examples. Gain valuable knowledge from senior security consultant Pawel Rzepa, who shares his expertise in penetration testing, cloud security assessments, and threat analysis.

Syllabus

Intro
Agenda
Lambda
Demo
GCP
Dependency poisoning
Searching for ready to use code
Defense
Denial of wallet
Secrets
Storage Account
Analysis
Attack from Lambda
Dangling resources
Summary

Taught by

Hack In The Box Security Conference

Reviews

Start your review of Serverless Security - Attack & Defense

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.