Suche senden
Hochladen
Owasp top 10 serverless
•
1 gefällt mir
•
745 views
隆博 田中
Folgen
OWASP Nagoya Chapter 9 2019/2/8 発表資料
Weniger lesen
Mehr lesen
Technologie
Melden
Teilen
Melden
Teilen
1 von 21
Jetzt herunterladen
Downloaden Sie, um offline zu lesen
Empfohlen
2017대선 빅데이터 분석
2017대선 빅데이터 분석
지승 한
사진형SNS 인스플
사진형SNS 인스플
지승 한
Intro to ES6 / ES2015
Intro to ES6 / ES2015
Jamal Sinclair O'Garro
OWASP top10 2017, Montpellier JUG de Noel
OWASP top10 2017, Montpellier JUG de Noel
Hubert Gregoire
What's New in MySQL 8.0 @ HKOSC 2017
What's New in MySQL 8.0 @ HKOSC 2017
Ivan Ma
MySQL no Paypal Tesla e Uber
MySQL no Paypal Tesla e Uber
MySQL Brasil
SAP on AWS: SAPPHIRE NOW 2018 Recap
SAP on AWS: SAPPHIRE NOW 2018 Recap
Amazon Web Services
Migrating Your SQL Server Databases to Amazon RDS - DAT312 - re:Invent 2017
Migrating Your SQL Server Databases to Amazon RDS - DAT312 - re:Invent 2017
Amazon Web Services
Empfohlen
2017대선 빅데이터 분석
2017대선 빅데이터 분석
지승 한
사진형SNS 인스플
사진형SNS 인스플
지승 한
Intro to ES6 / ES2015
Intro to ES6 / ES2015
Jamal Sinclair O'Garro
OWASP top10 2017, Montpellier JUG de Noel
OWASP top10 2017, Montpellier JUG de Noel
Hubert Gregoire
What's New in MySQL 8.0 @ HKOSC 2017
What's New in MySQL 8.0 @ HKOSC 2017
Ivan Ma
MySQL no Paypal Tesla e Uber
MySQL no Paypal Tesla e Uber
MySQL Brasil
SAP on AWS: SAPPHIRE NOW 2018 Recap
SAP on AWS: SAPPHIRE NOW 2018 Recap
Amazon Web Services
Migrating Your SQL Server Databases to Amazon RDS - DAT312 - re:Invent 2017
Migrating Your SQL Server Databases to Amazon RDS - DAT312 - re:Invent 2017
Amazon Web Services
Azure App Gateway and Log Analytics under Penetration Tests
Azure App Gateway and Log Analytics under Penetration Tests
Roy Kim
OSV operating system
OSV operating system
Emad Soltani
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
Amazon Web Services Korea
Deployment of SAP Solutions on AWS (Level 200)
Deployment of SAP Solutions on AWS (Level 200)
Amazon Web Services
Migrando aplicaciones SAP a AWS
Migrando aplicaciones SAP a AWS
Amazon Web Services LATAM
Bentobox Exercise
Bentobox Exercise
Ester Kais
Building prediction models with Amazon Redshift and Amazon ML
Building prediction models with Amazon Redshift and Amazon ML
Julien SIMON
NodeJS Serverless backends for your frontends
NodeJS Serverless backends for your frontends
Carlos Santana
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Demi Ben-Ari
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
Codemotion
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
Amazon Web Services
AWS re:Invent 2016 Fast Forward
AWS re:Invent 2016 Fast Forward
Shuen-Huei Guan
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
Amazon Web Services
Cloud Native Applications on OpenShift
Cloud Native Applications on OpenShift
Serhat Dirik
OSOM Operations in the Cloud
OSOM Operations in the Cloud
mstuparu
OSOM - Operations in the Cloud
OSOM - Operations in the Cloud
Marcela Oniga
Monitoring with Icinga2 at Adobe
Monitoring with Icinga2 at Adobe
Icinga
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
OpenStack
MySQL8.0 in COSCUP2017
MySQL8.0 in COSCUP2017
Shinya Sugiyama
SAP portal: breaking and forensicating
SAP portal: breaking and forensicating
ERPScan
WhatsTheCedar.pptx
WhatsTheCedar.pptx
隆博 田中
SecurityGroup_AboutTrackedUntracked.pptx
SecurityGroup_AboutTrackedUntracked.pptx
隆博 田中
Weitere ähnliche Inhalte
Ähnlich wie Owasp top 10 serverless
Azure App Gateway and Log Analytics under Penetration Tests
Azure App Gateway and Log Analytics under Penetration Tests
Roy Kim
OSV operating system
OSV operating system
Emad Soltani
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
Amazon Web Services Korea
Deployment of SAP Solutions on AWS (Level 200)
Deployment of SAP Solutions on AWS (Level 200)
Amazon Web Services
Migrando aplicaciones SAP a AWS
Migrando aplicaciones SAP a AWS
Amazon Web Services LATAM
Bentobox Exercise
Bentobox Exercise
Ester Kais
Building prediction models with Amazon Redshift and Amazon ML
Building prediction models with Amazon Redshift and Amazon ML
Julien SIMON
NodeJS Serverless backends for your frontends
NodeJS Serverless backends for your frontends
Carlos Santana
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Demi Ben-Ari
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
Codemotion
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
Amazon Web Services
AWS re:Invent 2016 Fast Forward
AWS re:Invent 2016 Fast Forward
Shuen-Huei Guan
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
Amazon Web Services
Cloud Native Applications on OpenShift
Cloud Native Applications on OpenShift
Serhat Dirik
OSOM Operations in the Cloud
OSOM Operations in the Cloud
mstuparu
OSOM - Operations in the Cloud
OSOM - Operations in the Cloud
Marcela Oniga
Monitoring with Icinga2 at Adobe
Monitoring with Icinga2 at Adobe
Icinga
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
OpenStack
MySQL8.0 in COSCUP2017
MySQL8.0 in COSCUP2017
Shinya Sugiyama
SAP portal: breaking and forensicating
SAP portal: breaking and forensicating
ERPScan
Ähnlich wie Owasp top 10 serverless
(20)
Azure App Gateway and Log Analytics under Penetration Tests
Azure App Gateway and Log Analytics under Penetration Tests
OSV operating system
OSV operating system
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
SAP on AWS 이관사례로 알아보는 SAP 혁신 전략 - 이진욱, AWS SAP on AWS Solutions Architect
Deployment of SAP Solutions on AWS (Level 200)
Deployment of SAP Solutions on AWS (Level 200)
Migrando aplicaciones SAP a AWS
Migrando aplicaciones SAP a AWS
Bentobox Exercise
Bentobox Exercise
Building prediction models with Amazon Redshift and Amazon ML
Building prediction models with Amazon Redshift and Amazon ML
NodeJS Serverless backends for your frontends
NodeJS Serverless backends for your frontends
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Monitoring Big Data Systems Done "The Simple Way" - Codemotion Milan 2017 - D...
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
Demi Ben-Ari - Monitoring Big Data Systems Done "The Simple Way" - Codemotion...
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
SRV315_How We Built a Mission-Critical, Serverless File Processing Pipeline f...
AWS re:Invent 2016 Fast Forward
AWS re:Invent 2016 Fast Forward
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
GPSWKS401_Designing a Cloud Enterprise Data Warehouse
Cloud Native Applications on OpenShift
Cloud Native Applications on OpenShift
OSOM Operations in the Cloud
OSOM Operations in the Cloud
OSOM - Operations in the Cloud
OSOM - Operations in the Cloud
Monitoring with Icinga2 at Adobe
Monitoring with Icinga2 at Adobe
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
Addressing Issues of Risk & Governance in OpenStack without sacrificing Agili...
MySQL8.0 in COSCUP2017
MySQL8.0 in COSCUP2017
SAP portal: breaking and forensicating
SAP portal: breaking and forensicating
Mehr von 隆博 田中
WhatsTheCedar.pptx
WhatsTheCedar.pptx
隆博 田中
SecurityGroup_AboutTrackedUntracked.pptx
SecurityGroup_AboutTrackedUntracked.pptx
隆博 田中
Create ECS Cluster (Fargate)
Create ECS Cluster (Fargate)
隆博 田中
Aws security ssrf_update
Aws security ssrf_update
隆博 田中
Aws security ssrf
Aws security ssrf
隆博 田中
Aws first step_ec2_vpc
Aws first step_ec2_vpc
隆博 田中
Aws security part1
Aws security part1
隆博 田中
Well architected framework_first_step
Well architected framework_first_step
隆博 田中
Mehr von 隆博 田中
(8)
WhatsTheCedar.pptx
WhatsTheCedar.pptx
SecurityGroup_AboutTrackedUntracked.pptx
SecurityGroup_AboutTrackedUntracked.pptx
Create ECS Cluster (Fargate)
Create ECS Cluster (Fargate)
Aws security ssrf_update
Aws security ssrf_update
Aws security ssrf
Aws security ssrf
Aws first step_ec2_vpc
Aws first step_ec2_vpc
Aws security part1
Aws security part1
Well architected framework_first_step
Well architected framework_first_step
Kürzlich hochgeladen
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
Addepto
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
comworks
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Commit University
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
LoriGlavin3
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
Hervé Boutemy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
gvaughan
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
Enterprise Knowledge
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
BookNet Canada
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
Fwdays
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Databarracks
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Pixlogix Infotech
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Zilliz
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Florian Wilhelm
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
UiPathCommunity
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
2toLead Limited
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
charlottematthew16
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
null - The Open Security Community
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Sri Ambati
Kürzlich hochgeladen
(20)
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
How to write a Business Continuity Plan
How to write a Business Continuity Plan
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
Owasp top 10 serverless
1.
OWASP Top 10
2017 Serverless
2.
● ● IT ● SE ● ○
SE→ SE→ → SE ● ● ○
3.
OWASP Top 10
4.
OWASP Top 10 OWASP
Serverless Top 10 ● ● OWASP Serverless Top 10 ● ●
5.
OWASP Top 10
(1) ● Web ● ● ○ OWASP ■ OWASP Proactive Controls ■ OWASP ASVS ■ OWASP Testing Guide ■ OWASP Cheat Sheet ■ OWASP Automated Threats ○ ■ CWE ■ NIST
6.
OWASP Top 10
(2) 1. A1:2017- 2. A2:2017- 3. A3:2017- 4. A4:2017-XML XXE 5. A5:2017- 6. A6:2017- 7. A7:2017- XSS 8. A8:2017- 9. A9:2017- 10. A10:2017-
7.
OWASP Top 10
(3) ● ○ X: Denial of Service (DoS) ○ X: Denial of Wallet (DoW) ○ X: Insecure Secret Management ○ X: Insecure Shared Space ○ X: Business Logic / Flow manipulation
8.
OWASP Top 10 FaaS
AWS Lambda Google Cloud Functions
9.
A1:2017 ◆ ● ● Function ○ ○ ○ ○ ○ ◆ ● ●
10.
A1:2017 FaaS Function
11.
A2:2017 ◆ ● Function Function ● Faas ◆ ●
API
12.
A2:2017 PullRequest SES Lambda
13.
A3:2017 ◆ ● Function ● FaaS Function ◆ ● ● ● /tmp
14.
A4:2017 XML ◆ ● VPC ●
Function DoS ◆ ● XML XML
15.
A5:2017 ◆ ● FaaS Function root/admin ● Function ◆ ●
Function
16.
A6:2017 ◆ ● FaaS ● Function ○ Function ○ ◆ ● ●
… ○ github ○ ○ Function
17.
A7:2017 ◆ ● XSS ◆ ●
18.
A8:2017 ◆ ● Function ◆ ● ● ●
19.
A9:2017 ◆ ●
20.
A10:2017 ◆ ● FaaS ○ ○ ○ Function ○ ◆ ● ●
FaaS
21.
● ● ● FaaS
Jetzt herunterladen