Tuesday, April 2, 2019

[InfosecWorld 19] D11 HACKING SERVERLESS APPLICATIONS: SCAN, ATTACK AND DEFENSE

 WEDNESDAY, APRIL 3RD, 2019 
 10:30 AM - 11:20 AM

PRESENTED BY:

INFO

In the today’s technological era, modern applications are actively using cloud components as their platform. The cloud infrastructure has been evolved from IAAS, PAAS, SAAS to FAAS (Function as a service) where developers have to just focus on the core functionality only, no need to worry about DevOps issues like where it runs, how it runs, how to scale, etc. The companies also do not prefer to invest on physical infrastructure and opting for “pay as you go” model. Needless to say but that’s the true serverless approach, win-win situation for developers and companies. But nothing comes without a cost, security is still a major concern for serverless applications in the “ignorance is bliss” mindset. 
  • Serverless applications architecture and their design patterns
  • Real life attack scenario on serverless application with demos
  • Analyzing serverless applications with lambda scanner toolkit
  • Securing serverless applications

Technical Level: Medium

More info over here