Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Serverless

Spectral

The Developer's Guide to Serverless Security

Jun 7, 2022 By Eyal Katz In Spectral

Serverless computing brings a highly efficient way to deploy applications and run software on demand. Testament to that is the fact that serverless application adoption is increasing significantly over the years, with at least 1 in 5 organizations using FaaS (Function as a Service) in major Cloud providers such as Amazon, Azure & GCP.

Read Post
sumologic

Why end-to-end visibility is critical to secure your apps in a serverless world

Jun 6, 2022 By Chas Clawson In Sumo Logic
One of the universal truths in technology is that security always lags behind innovation. Companies must move quickly as they seek to innovate, increase efficiencies and be disruptive in ever-crowded markets. Living on the bleeding edge means you will get a few cuts, but the risk of not adopting new technologies is greater than those of a few system failures or breaches. One challenge is that it is often not apparent what new risks exist until boundaries are pushed.
Read Post

Vulnerable AWS Lambda function - Initial access in cloud attacks - Blog Article

Feb 24, 2022 By Sysdig In Sysdig
Serverless is becoming mainstream in business applications to achieve scalability, performance, and cost efficiency without managing the underlying infrastructure. Our security research team will explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your cloud environment. Finally, we show the best practices to mitigate this vector of attack.
View Video
sysdig

Vulnerable AWS Lambda function - Initial access in cloud attacks

Jan 18, 2022 By Stefano Chierici In Sysdig

Our security research team will explain a real attack scenario from the black box and white box perspective on how a vulnerable AWS Lambda function could be used by attackers as initial access into your cloud environment. Finally, we show the best practices to mitigate this vector of attack. Serverless is becoming mainstream in business applications to achieve scalability, performance, and cost efficiency without managing the underlying infrastructure.

Read Post
sysdig

Securing AWS Fargate workloads: Meeting File Integrity Monitoring (FIM) requirements

May 4, 2021 By Alba Ferri In Sysdig

Securing AWS Fargate serverless workloads can be tricky as AWS does not provide much detail about the internal workings. After all… it’s not your business, AWS manages the scaling of underlying resources for you. :) While the security and stability of Fargate’s system is an inherent feature, Fargate follows a shared responsibility model, where you still have to take care of securing those parts specific to your application..

Read Post

AWS Fargate runtime security - Implementing File Integrity Monitoring with Sysdig

May 4, 2021 By Sysdig In Sysdig
Thanks to serverless you can focus on your apps, instead of your infrastructure. Take AWS Fargate as an example. A service where you can deploy containers as Tasks, without worrying what physical machine they run on. However, without access to the host How can you detect suspicious activity? Like, file changes on your Fargate tasks? Sysdig provides runtime detection and response to secure Fargate serverless containers.
View Video
alienvault

Serverless computing: Is it worth the risk?

Jan 28, 2021 By Theodoros Karasavvas In AT&T Cybersecurity

A new trend for developers is emerging, as many companies shift towards using serverless computing. The name is a bit misleading, as serverless computing still relies on servers for storing data, but those who use serverless computing leave the maintenance of the server to their provider. They pay only for the storage needed to execute the code they develop.

Read Post
bearer

Using Bearer with Serverless Functions

Aug 3, 2020 By Mark Michon In Bearer

Did you know that you can use Bearer with serverless functions? While serverless, or cloud functions, might not be your first choice for making API calls they can be a great way to proxy API requests or even act as a lightweight API gateway. They also offer a great way to bring some of the benefits of Bearer into the Jamstack. The set up process is similar to installing the Bearer Agent into a traditional app, but there are a few things to watch out for.

Read Post

Panel Discussion: Cloud Security - Keeping Serverless Data Safe

Apr 16, 2020 By Mend In Mend
The push to the cloud has introduced a previously unknown level of agility to many organizations, but sometimes at the expense of data security. Human error often is the cause of cloud security blunders, putting sensitive data at risk and causing real damage to companies in terms of financial liability and loss of reputation. This webinar discusses some of the more overlooked aspects of cloud security and offers up some best practices for ensuring data in the cloud is truly secure.
View Video
sumologic

Serverless Computing Security Tips

Sep 19, 2019 By Sumo Logic In Sumo Logic
Serverless computing is becoming more popular as organizations look for new ways to deploy their applications in the cloud. With higher levels of abstraction, easier maintenance, a focus on high performance, and ephemeral workloads, serverless computing solutions like Lambda are finding a permanent place in the mix of cloud infrastructure options.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.