Serverless Security - Attack & Defense

Dive into a comprehensive exploration of serverless security vulnerabilities and defense strategies in this 53-minute conference talk from Ekoparty 2020. Discover the speaker's findings on publishing malicious NPM packages to smuggle malicious code, and learn about critical security issues such as Denial of Wallet attacks, Remote Code Execution (RCE) in serverless environments, and privilege escalation. Examine insecure default settings in serverless frameworks and gain valuable insights on preventing and detecting these attacks. Engage with numerous demonstrations and enjoy an informative yet entertaining presentation that covers essential aspects of serverless security, equipping you with knowledge to better protect and secure serverless applications.

Pawel Rzepa - Serverless security: attack & defense - Ekoparty 2020