Loading…
The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Thanks
Thursday, May 30 • 2:35pm - 3:05pm
OWASP Serverless Top 10

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
In moving to serverless, we shift some security responsibilities to the infrastructure provider by eliminating the need to manage servers. Unfortunately, that doesn’t mean we’re entirely absolved of all security duties. Serverless functions still execute code and can still be vulnerable to application-level attacks. As a new type of architecture, serverless presents new security challenges. Some are equal to traditional application development, but some take a new form. Attackers are thinking differently, and developers must do so as well to gain the upper hand. 

In this talk, I will dive into the Top 10 risks of the OWASP Serverless Top 10 project. I will discuss why these risks are different from traditional attacks and how we should protect our application against them. I will also introduce OWASP DVSA, a deliberately vulnerable tool, aiming to assist both security professionals and developers to better understand the implications and processes of serverless security.

Speakers
avatar for Tal Melamed

Tal Melamed

Head of Security Research, Protego Labs
In the past year, Tal Melamed been experimenting in offensive and defensive security for the serverless technology, as part of his role as Head of Security Research at Protego Labs. Specializing in AppSec, he has more than 15 years of experience in security research and vulnerability... Read More →


Thursday May 30, 2019 2:35pm - 3:05pm
Hall A

Attendees (22)