The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Back To Schedule
Thursday, May 30 • 2:35pm - 3:05pm
OWASP Serverless Top 10

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
In moving to serverless, we shift some security responsibilities to the infrastructure provider by eliminating the need to manage servers. Unfortunately, that doesn’t mean we’re entirely absolved of all security duties. Serverless functions still execute code and can still be vulnerable to application-level attacks. As a new type of architecture, serverless presents new security challenges. Some are equal to traditional application development, but some take a new form. Attackers are thinking differently, and developers must do so as well to gain the upper hand. 

In this talk, I will dive into the Top 10 risks of the OWASP Serverless Top 10 project. I will discuss why these risks are different from traditional attacks and how we should protect our application against them. I will also introduce OWASP DVSA, a deliberately vulnerable tool, aiming to assist both security professionals and developers to better understand the implications and processes of serverless security.

avatar for Tal Melamed

Tal Melamed

Sr Director, Cloud Native Security Research, Contrast Security
With over 15 years’ experience in security research and engineering, Tal, Sr. Director at Contrast Security, possesses an unprecedented understanding of the Application and the Serverless Security landscape. Recently, Tal co-founded CloudEssence, a cloud-native security company... Read More →

Thursday May 30, 2019 2:35pm - 3:05pm IDT
Hall A