Back To Schedule
Thursday, February 16 • 11:30am - 12:30pm

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
When adopting serverless technology, we eliminate the need to develop a server to manage our application and by doing so, we also pass some of the security threats to the infrastructure provider. However, serverless functions, even without provisioning or managing servers, still execute code. If this code is written in an insecure manner, it can still be vulnerable to traditional application-level attacks. The OWASP Serverless Top 10 project recently launched. In this talk, I will examine how the original Top 10 stack up for serverless apps. In particular, we’ll examine the differences in attack vectors, security weaknesses, and the business impact of successful attacks on applications in the serverless world, and, most importantly, how to prevent them. As we will see, attack vectors and prevention techniques are completely different from the traditional application world.

avatar for Tal Melamed

Tal Melamed

Sr Director, Cloud Native Security Research, Contrast Security
With over 15 years’ experience in security research and engineering, Tal, Sr. Director at Contrast Security, possesses an unprecedented understanding of the Application and the Serverless Security landscape. Recently, Tal co-founded CloudEssence, a cloud-native security company... Read More →

Thursday February 16, 2023 11:30am - 12:30pm GMT
Room: Liffey Meeting Room 2