Hi [[ session.user.profile.firstName ]]

Anatomy of a Serverless Injection Attack - Step by Step

The OWASP Serverless top 10 project has launched. The upcoming report will evaluate the Top 10 for serverless environments, explaining and demonstrating the differences in attack vectors, defense techniques, and business impact.

Join us for this webinar to learn about what might be the biggest change...& the most concerning – injection attacks. Protego’s Head of Security Research will show you what a serverless injection attack really looks like using code regularly found in the wild.

Key Takeaways:
--See a Slack bot serverless injection attack in action
--View serverless attacks from attacker’s & defender’s points of view
--Learn about the goal of the ongoing OWASP Serverless top 10 project
Recorded Nov 7 2018 33 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Tal Melamed, Head of Security Research, Protego Labs
Presentation preview: Anatomy of a Serverless Injection Attack - Step by Step
  • Channel
  • Channel profile
  • Anatomy of a Serverless Injection Attack - Step by Step Recorded: Nov 7 2018 33 mins
    Tal Melamed, Head of Security Research, Protego Labs
    The OWASP Serverless top 10 project has launched. The upcoming report will evaluate the Top 10 for serverless environments, explaining and demonstrating the differences in attack vectors, defense techniques, and business impact.

    Join us for this webinar to learn about what might be the biggest change...& the most concerning – injection attacks. Protego’s Head of Security Research will show you what a serverless injection attack really looks like using code regularly found in the wild.

    Key Takeaways:
    --See a Slack bot serverless injection attack in action
    --View serverless attacks from attacker’s & defender’s points of view
    --Learn about the goal of the ongoing OWASP Serverless top 10 project
  • The Serverless Show EP.5: Is It Right for Startups? & More Recorded: Sep 6 2018 25 mins
    Mike Atkins, Distr. Systems Engineer LaunchDarkly, Hillel Solow, CTO, Tal Melamed, Head of Security Research, Protego Labs
    For this episode, Hillel and Tal from Protego were joined by Mike Atkins, a distributed systems engineer at LaunchDarkly. The group discussed recent news and Qs like:
    - Does serverless make sense for startups?
    - What’s the best approach for large enterprises?
    - What’s the best metric to evaluate serverless?*

    Visit the summary on our blog and you can also listen to the audio.
    https://www.protego.io/the-serverless-show-is-it-right-for-startups-more/
  • Serverless 101: What It Is & Why You Should Care Recorded: Aug 9 2018 47 mins
    Brian Thomas, CTO, Security7 Networks; Hillel Solow, CTO and Co-founder, Protego Labs
    “Serverless” is more than a contentious buzzword. This new application architecture can solve problems, such as filling in IT gaps quickly, at a low cost.

    Whether you’re considering deploying serverless apps, or they’re creeping into your infrastructure anyway, join us for this interactive webinar. We’ll cover some of the key advantages of serverless tech, as well as the new security challenges you need to be aware of.

    Key Takeaways:
    - Why serverless is what the cloud was meant for
    - Your serverless computing options
    - The unique security landscape of serverless
    - Simple steps to protect against serverless attacks
  • The Serverless Show, Ft. Yan Cui. Do We Ever Learn? Recorded: Aug 3 2018 31 mins
    Yan Cui, Principal Engineer at DAZN, Hillel Solow, CTO and Co-founder, Protego Labs, Tal Melamed, Head of Security Research,
    This episode of the Serverless Show, features serverless expert Yan Cui. Topics include the changes in company culture driven by serverless, Google Cloud Functions, the pains going from containers to Kubernetes to Serverless, and other conversations we wish we weren’t having.

    Read the synopsis on our blog: https://www.protego.io/the-serverless-show-ft-yan-cui-do-we-ever-learn/
  • The Serverless Show: Serverless + Blockchain, The Comprehension Divide Recorded: Jul 17 2018 30 mins
    Chris Ensey, COO of Riot Blockchain, Hillel Solow, CTO & Co-founder, Protego Labs, Shali Mor, VP, R&D & Co-founder, Protego
    On The Serverless Show, Hillel and Shali of Protego were joined by Chris Ensey, COO of Riot Blockchain. The group discussed:
    - Serverless & blockchain
    - The fiery topic of the role of DevOps
    - How Ops can let developers work at the speed of serverless... in a -sane way
    - Where organizations have the biggest hurdle

    In addition to the you can read the summary on our blog: https://www.protego.io/the-serverless-show-serverless-blockchain-the-comprehension-divide-role-of-devops-more/

    Or listen to the audio: https://soundcloud.com/protegolabs/the-serverless-show-the-comprehension-divide-role-of-devops-more
  • The Serverless Show, Ft. John Visneski from The Pokémon Company Recorded: Jul 2 2018 30 mins
    John Visneski, Dir of InfoSec, Pokémon, Hillel Solow, CTO & Co-founder, Tal Melamed, Head of Security Research, Protego
    For this episode of The Serverless Show, Hillel and Tal from Protego Labs were joined by John Visneski, Director of Information Security & Data Protection Officer at The Pokémon Company International. The group discussed the use of serverless at Pokémon, serverless bitcoin mining attacks, the pervasive vendor lock-in conundrum, the impact of serverless to security, and finally favorite tweets, including one in which Hillel was called out for spreading bullsh**.
  • The Serverless Show - How People are Moving to Serverless & WHY Recorded: Jun 13 2018 24 mins
    Wayne Scarano, Founder/Cloud Security Architect, SGA, Hillel Solow, CTO & Co-founder, Tal Melamed, Security Research, Protego
    We’re pleased to share our first podcast, “The Serverless Show.” Hillel and Tal from Protego Labs were joined by guest Wayne Scarano, Founder, Cloud/Cybersecurity Architect, SGA Business Systems. Topics discussed include:

    • How are people moving to serverless?
    -... and WHY?
    • The impact of serverless on security
    • As Amazon dominates serverless, are you locked in?
    • Benefits of serverless standardization
    • Lowest hanging fruit to focus serverless security efforts

    You can also read the summary on our blog:
    https://www.protego.io/the-weeks-in-serverless-inaugural-podcast/

    or listen to the audio:
    https://soundcloud.com/protegolabs/protego-labs-weeks-in-serverless-podcast2
  • Serverless Security Quick Wins Recorded: May 31 2018 41 mins
    Hillel Solow, CTO and Co-founder, Protego Labs
    Maintaining control and security of serverless applications requires a paradigm shift in your approach. Shrinking privileges of your serverless functions to least privilege is a key component to securing your applications and mitigating risks.

    Key Takeaways:
    --Why least privilege is particularly vital in serverless architectures
    --The unique flexibility and challenges serverless adds
    --Easy ways to mitigate risk by shrinking privilege
    --Mitigating the threat of malicious functions

    Join us for this informative session and you’ll understand the critical importance of least privilege in this differing threat landscape, and many solutions you can implement immediately.
  • Serverless Security Step by Step Recorded: Apr 12 2018 45 mins
    Hillel Solow, CTO and Co-founder, Protego Labs
    Moving to serverless makes some things better and some things worse, but pretty much nothing stays the same. The threats to your serverless apps are consistent in many ways, but they won’t look and act the same way. Maintaining control and security requires a paradigm shift in your thinking.

    In this webinar we’ll cover both the security advantages of serverless apps and the top 6 serverless security challenges, plus solutions for mitigation.
    Key Takeaways:
    -Security advantages of serverless application architectures
    -Top 6 serverless security challenges
    -Solutions for mitigation

    Join us for this informative session and you’ll understand the differing threat landscape, as well as many solutions you can implement immediately.
Protego, the First Comprehensive Serverless Security Solution
Recognizing the inadequacy of traditional application security paradigms, Protego Labs designed the first comprehensive solution built with the unique constraints and opportunities of serverless in mind. Through continuous serverless security posture, dynamic serverless intelligence, and elastic defense, Protego helps organizations achieve control over the security of their applications.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Anatomy of a Serverless Injection Attack - Step by Step
  • Live at: Nov 7 2018 4:00 pm
  • Presented by: Tal Melamed, Head of Security Research, Protego Labs
  • From:
Your email has been sent.
or close