Blowing up Serverless Security and (How to Avoid it) Part 1

Presented by

Josh Stella, Fugue co-Founder and CTO, Wayne Crissman, Fugue Director of Security, Curtis Myzie, Fugue VP of Engineering

About this talk

“Serverless” cloud architectures that leverage services such as AWS Lambda and Azure Functions are transforming how we build and deploy applications. Serverless applications also require us to transform how we think about keeping our data secure. In this Cloud Security Masterclass session, we dig into how security is different for serverless cloud infrastructure environments —and what hasn’t changed. Josh Stella (co-founder and CEO of Fugue) is joined by Curtis Myzie (VP of Engineering) and Wayne Crissman (Director of Security) to walk through what it takes to keep data and applications secure in a serverless environment. This session covers: How going serverless “shifts” the Shared Responsibility Model The serverless attack surface — what’s changed and what stays the same Modern serverless attack vectors, including IAM misconfiguration attacks The impact of serverless on compliance audits Dos and don’ts to keep your serverless environment and data secure

Related topics:

More from this channel

Upcoming talks (7)
On-demand talks (19)
Subscribers (797)
Cloud computing has turned security on its head. The cloud attack surface is the configuration of thousands of interrelated resources — and it’s all changing constantly. Ensuring continuous cloud security and compliance requires a deep understanding how cloud works and the nature of misconfiguration. Why it happens, how hackers exploit it, and how to prevent it. At Fugue, we’re committed to helping cloud professionals master the concepts they need to ensure the security of their cloud infrastructure. Our Cloud Security Masterclass series is led by Fugue CTO and co-founder Josh Stella, who has extensive experience with cloud security and working with national security customers as a Principal Solutions Architect with AWS. He takes us on technical deep dives into critical cloud infrastructure security concepts. Fugue helps cloud teams transform how they do cloud security at every stage of the software development lifecycle — so they can move faster in the cloud without breaking the rules that put data at risk.