YoVDO

Serverless Top 10 Vulnerabilities by Tal Melamed

Offered By: Bugcrowd via YouTube

Tags

Cybersecurity Courses Serverless Courses Access Control Courses Insecure Deserialization Courses

Course Description

Overview

Explore the top 10 vulnerabilities in serverless architectures in this 52-minute conference talk by Tal Melamed from Bugcrowd. Dive into the OWASP Serverless Top 10 project, examining how traditional security threats apply to serverless applications. Discover the unique attack vectors, security weaknesses, and business impacts specific to the serverless world. Learn about crucial differences in prevention techniques compared to traditional applications. Gain insights into topics such as event injection, broken authentication, XML external entity attacks, access control issues, security misconfigurations, cross-site scripting, insecure deserialization, and insufficient logging and monitoring. Understand the evolution of cloud computing, serverless providers, and the importance of adapting security practices for this emerging technology. Conclude with resources for further learning, including the DVSA eXpliter tool.

Syllabus

Intro
The Evolution of the Cloud
Is it here to stay?
Serverless Providers
Event Injection
Broken Authentication
XML External Entity
Broken Access Control
Security Misconfiguration
Cross-Site Scripting
Insecure Deserialization
Insufficient Logging & Monit A
How can we learn more
DVSA eXpliter


Taught by

Bugcrowd

Related Courses

Access Control Concepts
(ISC)² via Coursera
AZ-303 Part 2 - Implement Management and Security Solutions in Azure
A Cloud Guru
Google Cloud Identity and Access Management (IAM) Deep Dive
A Cloud Guru
Google Kubernetes Engine Deep Dive
A Cloud Guru
HashiCorp Vault
A Cloud Guru