Blowing up Serverless Security and (How to Avoid it) Part 1

Presented by

Josh Stella, Fugue co-Founder and CTO, Wayne Crissman, Fugue Director of Security, Curtis Myzie, Fugue VP of Engineering

About this talk

“Serverless” cloud architectures that leverage services such as AWS Lambda and Azure Functions are transforming how we build and deploy applications. Serverless applications also require us to transform how we think about keeping our data secure. In this Cloud Security Masterclass session, we dig into how security is different for serverless cloud infrastructure environments —and what hasn’t changed. Josh Stella (co-founder and CEO of Fugue) is joined by Curtis Myzie (VP of Engineering) and Wayne Crissman (Director of Security) to walk through what it takes to keep data and applications secure in a serverless environment. This session covers: How going serverless “shifts” the Shared Responsibility Model The serverless attack surface — what’s changed and what stays the same Modern serverless attack vectors, including IAM misconfiguration attacks The impact of serverless on compliance audits Dos and don’ts to keep your serverless environment and data secure
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (26)
Subscribers (2869)
Snyk (pronounced sneak) is a developer security platform for securing custom code, open source dependencies, containers, and cloud infrastructure all from a single platform. Snyk’s developer security solutions enable modern applications to be built securely, empowering developers to own and build security for the whole application, from code & open source to containers & cloud infrastructure. Secure while you code in your IDE: find issues quickly using the scanner, fix issues easily with remediation advice, verify the updated code. Integrate your source code repositories to secure applications: integrate a repository to find issues, prioritize with context, fix & merge. Secure your containers as you build, throughout the SDLC: start fixing containers as soon as your write a Dockerfile, continuously monitor container images throughout their lifecycle, and prioritize with context. Secure build and deployment pipelines: Integrate natively with your CI/CD tool, configure your rules, find & fix issues in your application, and monitor your applications. Secure your apps quickly with Snyk’s vulnerability scanning and automated fixes - Try for Free!