Dive into a comprehensive exploration of serverless security vulnerabilities and defense strategies in this 53-minute conference talk from Ekoparty 2020. Discover the speaker's findings on publishing malicious NPM packages to smuggle malicious code, and learn about critical security issues such as Denial of Wallet attacks, Remote Code Execution (RCE) in serverless environments, and privilege escalation. Examine insecure default settings in serverless frameworks and gain valuable insights on preventing and detecting these attacks. Engage with numerous demonstrations and enjoy an informative yet entertaining presentation that covers essential aspects of serverless security, equipping you with knowledge to better protect and secure serverless applications.
Overview
Syllabus
Pawel Rzepa - Serverless security: attack & defense - Ekoparty 2020
Taught by
Ekoparty Security Conference
