YoVDO

Serverless Security - New Risks Require New Approaches

Offered By: GOTO Conferences via YouTube

Tags

GOTO Conferences Courses Serverless Architectures Courses Cloud-Native Development Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore serverless security challenges and new approaches in this conference talk from GOTO Copenhagen 2021. Dive into the world of cloud-native development and serverless architecture, understanding their impact on traditional security models. Learn about resource-based IAM, loss of perimeter, and specific serverless risks. Examine the OWASP serverless top 10 and witness a live demo. Discover how traditional AppSec testing methods fall short in modern CI/CD pipelines and cloud-native environments. Gain insights into innovative security solutions for serverless applications, including SCA, image scanning, infrastructure as code, IAST, SAST, and DAST. Explore real-world use cases and the concept of a unified DevSecOps platform to address the unique security challenges of serverless computing.

Syllabus

Intro
Cloud native is the future of app development
Cloud native transformation has begun
More than a technology shift
Serverless architecture
What is serverless?
What about security?
Resource-based IAM
Loss of perimeter
Serverless risks
OWASP serverless top 10
Demo
Scale
Traditional AppSec testing for cloud native
Traditional testing in modern CI/CD pipelines
iRobot serverless app
SCA & image scanning
Infrastructure as code
IAST
SAST
DAST
AppSec testing, redefined for the cloud
Example use case
One DevSecOps platform
Outro


Taught by

GOTO Conferences

Related Courses

Cloud Computing Applications, Part 1: Cloud Systems and Infrastructure
University of Illinois at Urbana-Champaign via Coursera
Intro to Cloud Computing
Udacity
Building Modern Python Applications on AWS
Amazon Web Services via edX
Building Modern Java Applications on AWS
Amazon Web Services via edX
Building Modern Nodejs Applications on AWS
Amazon Web Services via edX