SlideShare ist ein Scribd-Unternehmen logo

Serverless Security: Doing Security in 100 milliseconds

James Wickett
James Wickett

Talk on serverless security with a brief history of cloud, containers and now serverless. This talk also features serverless patterns, and security considerations needed in this new environment. This talk was given at AppSecUSA 2016.

Technologie
1 von 126
Downloaden Sie, um offline zu lesen
@WICKETT DOING SECURITY IN 100 MILLISECONDS SERVERLESS SECURITY
@WICKETT JAMES WICKETT ๏ Head of Research at Signal Sciences ๏ Author at Lynda/LinkedIn Training for DevOps Fundamentals course releasing in November ๏ Blogger at theagileadmin.com and labs.signalsciences.com
@WICKETT DEVOPS ROADMAP FOR SECURITY http://info.signalsciences.com/book
@WICKETT ๏ Web App Firewall for modern workloads ๏ Cloud-native and devops friendly ๏ Answer the questions: Am I being attacked right now? Are attackers becoming successful? ๏ We are hiring (Golang, appsec, devops) @WICKETT
@WICKETT
@WICKETT
@WICKETT CONCLUSION ๏ Serverless encourages functions as deploy units, coupled with third party services that allow running end-to-end applications without worrying about system operation. ๏ New serverless patterns are just emerging ๏ Security with serverless is easier ๏ Security with serverless is harder
@WICKETT CONCLUSION (2) ๏ Four key areas apply to serverless security ๏ Software Supply Chain Security ๏ Delivery Pipeline Security ๏ Data Flow Security ๏ Attack Detection
@WICKETT WHAT IS SERVERLESS?
@WICKETT MISCONCEPTIONS
@WICKETT IT’S MARKETING (CLOUD REBRANDED)
@WICKETT SERVERLESS == NO SERVERS
@WICKETT SERVERLESS == CLOUD
@WICKETT SERVERLESS == BACKEND AS A SERVICE
@WICKETT SERVERLESS == PLATFORM AS A SERVICE
@WICKETT
@WICKETT SO, WHAT IS SERVERLESS?
@WICKETT http://martinfowler.com/articles/serverless.html
@WICKETT @MIKEBROBERTS
@WICKETT Serverless was first used to describe applications that significantly or fully depend on 3rd party applications / services (‘in the cloud’) to manage server-side logic and state. http://martinfowler.com/articles/serverless.html
@WICKETT Serverless can also mean applications where some amount of server-side logic is still written by the application developer but unlike traditional architectures is run in stateless compute containers that are event- triggered, ephemeral (may only last for one invocation), and fully managed by a 3rd party. http://martinfowler.com/articles/serverless.html
@WICKETT HISTORY OF SERVERLESS ๏ 2012 - used to describe BaaS and Continuous Integration services run by third parties ๏ Late 2014 - AWS launched Lambda ๏ July 2015 - AWS launched API Gateway ๏ October 2015 - AWS re:Invent - The Serverless company using AWS Lambda ๏ 2015 to present - Frameworks forming ๏ 2016 - Serverless Conference http://www.slideshare.net/AmazonWebServices/arc308- the-serverless-company-using-aws-lambda
@WICKETT Client Server Database Proxy/LB Server Server
@WICKETT Client Auth Service API Gateway Database Service Function A Function B Web Delivery
@WICKETT
@WICKETT WHAT CAN WE SAY IS SERVERLESS?
@WICKETT SERVERLESS IS FUNCTIONS AS A SERVICE (FaaS)
@WICKETT BUT, BUT… CONTAINERS!
@WICKETT CONTAINERS … ON DEMAND
@WICKETT SERVERLESS IS (NO MANAGEMENT OF) SERVERS
@WICKETT SERVERLESS IS SERVICEFULL
@WICKETT SERVERLESS IS AN OPINIONATED FRAMEWORK FOR COMPUTE
@WICKETT Serverless encourages functions as deploy units, coupled with third party services that allow running end-to-end applications without worrying about system operation.
@WICKETT A SHORT HISTORY OF CLOUD
@WICKETT VIRTUALIZATION
@WICKETT “THE CLOUD”
@WICKETT DEVOPS
@WICKETT SaaS PaaS IaaS
@WICKETT PRIVATE CLOUD
@WICKETT THEN, ALONG CAME CONTAINERS
@WICKETT CONTAINERS ARE TEH HAWTNESS
@WICKETT
@WICKETT LOTS OF EFFORT IN CONTAINER ORCHESTRATION
@WICKETT THE CLOUD WAS TO VIRTUALIZATION AS SERVERLESS WILL BE TO CONTAINERS
@WICKETT IF YOU WANT TO LEAD YOUR COMPANY BRAVELY INTO THE NEW WORLD, YOU WOULD DO WELL TO FOCUS LOT ON HOW SERVERLESS WILL EVOLVE. - @CLOUDOPINION https://medium.com/@cloud_opinion/the-pattern-may- repeat-26de1e8b489d
@WICKETT Serverless encourages functions as deploy units, coupled with third party services that allow running end-to-end applications without worrying about system operation.
@WICKETT SO, WHAT ARE THE UPSIDES?
@WICKETT SCALING BUILT IN
@WICKETT PAY FOR WHAT YOU USE IN 100MS INCREMENTS
@WICKETT WITH SERVERLESS SYSTEM ADMINISTRATION IS (MOSTLY) LOWER
@WICKETT SERVERLESS IS IMPLICIT MICROSERVICES
@WICKETT SHORT CIRCUITS OPS AND MOVES INFRASTRUCTURE RUNTIME CLOSER TO DEVS
@WICKETT YOU CAN SKIP CHEFFING DOCKERING ALL THE THINGS!
@WICKETT LEAN STARTUP FRIENDLY
@WICKETT INCREASED VELOCITY
@WICKETT GREAT, WHAT’S THE CATCH?
@WICKETT OPS BURDEN TO RATIONALIZE SERVERLESS MODEL (SPECIFICALLY DEPLOY)
@WICKETT MONITORING
@WICKETT LOGGING
@WICKETT STATELESS FOR REAL NO MEMORY PERSISTENCE ACROSS FUNCTION RUNS
@WICKETT VENDOR LOCK-IN
@WICKETT SECURITY
@WICKETT RELIABILITY
@WICKETT
@WICKETT SERVERLESS USE CASES
@WICKETT IMAGE RESIZING
@WICKETT QUEUE PROCESSING http://martinfowler.com/articles/serverless.html
@WICKETT RUN A WEB APPLICATION
@WICKETT API GATEWAY http://martinfowler.com/articles/serverless.html
@WICKETT CI/CD
@WICKETT LICENSING
@WICKETT SECURITY IS THE SAME AND DIFFERENT
@WICKETT EVERYTHING IS HTTP(S)
@WICKETT WHAT USED TO BE SYSTEM CALLS IS NOW DISTRIBUTED COMPUTING OVER THE NETWORK
@WICKETT SERVERLESS SHIFTS ATTACK SURFACE TO THIRD PARTIES
@WICKETT LETS TRY A SAMPLE APPLICATION IN AWS
@WICKETT ๏ Golang! ๏ AWS Lambda supports bring your own binary ๏ Sparta wraps your binary with node.js shim
@WICKETT
@WICKETT OTHER OPTIONS ๏ Serverless Framework ๏ APEX ๏ Kappa
@WICKETT WORDY ๏ Analyzes textual occurrences given a block of text, returns JSON count of words ๏ Calls API under the hood to get text ๏ It is comprised of Lambda, s3, API Gateway
@WICKETT
@WICKETT
@WICKETT
@WICKETT go run main.go provision -s S3_BUCKET
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT
@WICKETT WHAT I LEARNED ABOUT SERVERLESS SECURITY
@WICKETT
@WICKETT FOUR AREAS OF SERVERLESS SECURITY ๏ Secure Software Supply Chain ๏ Delivery Pipeline ๏ Data Flow Security ๏ Attack Detection
@WICKETT
@WICKETT SURFACE AREA REDUCTION!
@WICKETT SURFACE AREA EXPANSION!
@WICKETT SSL / TLS FROM THE PROVIDER
@WICKETT DNS!
@WICKETT LAMBDA + S3 + KINESIS + DYNAMODB + CLOUDFORMATION + API GATEWAY + AUTH0
@WICKETT USE A THIRD-PARTY SERVICE FOR CONFIG CHANGES
@WICKETT ACCESS CONTROL
@WICKETT DELIVERY PIPELINE SECURITY
@WICKETT
@WICKETT UNIT TESTING
@WICKETT
@WICKETT INTEGRATION TESTING
@WICKETT CONFIGURATION IS PART OF DELIVERY
@WICKETT PROVIDER SECURITY ๏ Disable root access keys ๏ Manage users with profiles ๏ Secure your keys in your deploy system ๏ Secure keys in dev system ๏ Use provider MFA
@WICKETT SIMPLE DEPLOY PIPELINE SECURITY ๏ Only dev keys can push to ‘dev’ ๏ Only build/deploy system can push to pre- prod ๏ Integration tests must pass in this env ๏ Security validation must take place ๏ Allow push to prod, only by deploy system
@WICKETT SECURITY INTEGRATION TESTING ๏ BDD-Security - github.com/ continuumsecurity/bdd-security ๏ Gauntlt - gauntlt.org
@WICKETT http://www.slideshare.net/wickett/pragmatic-security-and- rugged-devops-sxsw-2015
@WICKETT DATA FLOW SECURITY ๏ Development ๏ Data Flow Diagrams ๏ Threat modeling ๏ Runtime
@WICKETT Application layer DoS
@WICKETT TIMEOUTS AND EXECUTION RESTRICTIONS
@WICKETT HTTP / HTTPS
@WICKETT ATTACK DETECTION
@WICKETT DEVELOPMENT ๏ Normal OWASP tooling ๏ Language filtering and more
@WICKETT APPSEC PROBLEMS
@WICKETT DEFENSE ๏ Logging, emitting events ๏ Vandium (SQLi) wrapper ๏ Content Security Policy (CSP) ๏ More work needs to be done here…
@WICKETT CONCLUSION ๏ Serverless encourages functions as deploy units, coupled with third party services that allow running end-to-end applications without worrying about system operation. ๏ New serverless patterns are just emerging ๏ Security with serverless is easier ๏ Security with serverless is harder
@WICKETT CONCLUSION (2) ๏ Four key areas apply to serverless security ๏ Software Supply Chain Security ๏ Delivery Pipeline Security ๏ Data Flow Security ๏ Attack Detection
@WICKETT
@WICKETT LET’S TALK! ๏ james@signalsciences.com ๏ @wickett ๏ http://info.signalsciences.com/book

Empfohlen

Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?
James Wickett
 
Serverless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defendersServerless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defenders
James Wickett
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017
James Wickett
 
Containerizing your Security Operations Center
Containerizing your Security Operations CenterContainerizing your Security Operations Center
Containerizing your Security Operations Center
Jimmy Mesta
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
James Wickett
 
Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017
James Wickett
 
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-NapocaFrom Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
jerryhargrove
 
How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application Security
James Wickett
 

Empfohlen

Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?Serverless Security: Are you ready for the Future?
Serverless Security: Are you ready for the Future?
James Wickett
 
Serverless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defendersServerless Security: A pragmatic primer for builders and defenders
Serverless Security: A pragmatic primer for builders and defenders
James Wickett
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017
James Wickett
 
Containerizing your Security Operations Center
Containerizing your Security Operations CenterContainerizing your Security Operations Center
Containerizing your Security Operations Center
Jimmy Mesta
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
James Wickett
 
Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017Security in the Delivery Pipeline - GOTO Amsterdam 2017
Security in the Delivery Pipeline - GOTO Amsterdam 2017
James Wickett
 
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-NapocaFrom Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
From Zero to DevSecOps in 60 Minutes - DevTalks Romania - Cluj-Napoca
jerryhargrove
 
How to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application SecurityHow to Effect Change in the Epistemological Wasteland of Application Security
How to Effect Change in the Epistemological Wasteland of Application Security
James Wickett
 
Defining DevSecOps
Defining DevSecOpsDefining DevSecOps
Defining DevSecOps
Uchit Vyas ☁
 
LambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless ApplicationLambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless Application
James Wickett
 
Serverless Security: What's Left To Protect
Serverless Security: What's Left To ProtectServerless Security: What's Left To Protect
Serverless Security: What's Left To Protect
Guy Podjarny
 
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
Daniel Oh
 
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF LoftDevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
Amazon Web Services
 
Building a DevSecOps Pipeline Around Your Spring Boot Application
Building a DevSecOps Pipeline Around Your Spring Boot ApplicationBuilding a DevSecOps Pipeline Around Your Spring Boot Application
Building a DevSecOps Pipeline Around Your Spring Boot Application
VMware Tanzu
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
Setu Parimi
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged Software
SeniorStoryteller
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOps
lokori
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018
Sonatype
 
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSecAppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
James Wickett
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
James Wickett
 
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
Guy Podjarny
 
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
Erkang Zheng
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Matt Raible
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15
Ed Bellis
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019
James Wickett
 
Enterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & ZoweEnterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & Zowe
DevOps.com
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
Chris Gates
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud Networking
SVForum Cloud SIG
 
Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019
James Wickett
 
Serverless Architectural Patterns
Serverless Architectural PatternsServerless Architectural Patterns
Serverless Architectural Patterns
Yan Cui
 

Weitere ähnliche Inhalte

Was ist angesagt?

Defining DevSecOps
Defining DevSecOpsDefining DevSecOps
Defining DevSecOps
Uchit Vyas ☁
 
Serverless Security: What's Left To Protect
Serverless Security: What's Left To ProtectServerless Security: What's Left To Protect
Serverless Security: What's Left To Protect
Guy Podjarny
 
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF LoftDevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
Amazon Web Services
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Matt Raible
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
Chris Gates
 

Was ist angesagt? (20)

Defining DevSecOps
Defining DevSecOpsDefining DevSecOps
Defining DevSecOps
 
LambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless ApplicationLambHack: A Vulnerable Serverless Application
LambHack: A Vulnerable Serverless Application
 
Serverless Security: What's Left To Protect
Serverless Security: What's Left To ProtectServerless Security: What's Left To Protect
Serverless Security: What's Left To Protect
 
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
[muCon2017]DevSecOps: How to Continuously Integrate Security into DevOps
 
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF LoftDevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
DevSecOps, An Organizational Primer - AWS Security Week at the SF Loft
 
Building a DevSecOps Pipeline Around Your Spring Boot Application
Building a DevSecOps Pipeline Around Your Spring Boot ApplicationBuilding a DevSecOps Pipeline Around Your Spring Boot Application
Building a DevSecOps Pipeline Around Your Spring Boot Application
 
Introduction to DevSecOps
Introduction to DevSecOpsIntroduction to DevSecOps
Introduction to DevSecOps
 
DevSecOps - Building Rugged Software
DevSecOps - Building Rugged SoftwareDevSecOps - Building Rugged Software
DevSecOps - Building Rugged Software
 
Hacker Games & DevSecOps
Hacker Games & DevSecOpsHacker Games & DevSecOps
Hacker Games & DevSecOps
 
DevSecOps reference architectures 2018
DevSecOps reference architectures 2018DevSecOps reference architectures 2018
DevSecOps reference architectures 2018
 
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSecAppSec California 2018: The Path of DevOps Enlightenment for InfoSec
AppSec California 2018: The Path of DevOps Enlightenment for InfoSec
 
The DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD PipelineThe DevSecOps Builder’s Guide to the CI/CD Pipeline
The DevSecOps Builder’s Guide to the CI/CD Pipeline
 
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
 
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
Overcoming the old ways of working with DevSecOps - Culture, Data, Graph, and...
 
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
Lock That Shit Down! Auth Security Patterns for Apps, APIs, and Infra - Sprin...
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15
 
The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019The New Ways of DevSecOps - The Secure Dev 2019
The New Ways of DevSecOps - The Secure Dev 2019
 
Enterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & ZoweEnterprise DevOps Series: Using VS Code & Zowe
Enterprise DevOps Series: Using VS Code & Zowe
 
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
DevOops Redux Ken Johnson Chris Gates - AppSec USA 2016
 
Hybrid Cloud Networking
Hybrid Cloud NetworkingHybrid Cloud Networking
Hybrid Cloud Networking
 

Ähnlich wie Serverless Security: Doing Security in 100 milliseconds

Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
Securing Your AWS Global Transit Network: Are You Asking the Right Questions?Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
Khash Nakhostin
 
Deep Dive - Hybrid Architectures
Deep Dive - Hybrid ArchitecturesDeep Dive - Hybrid Architectures
Deep Dive - Hybrid Architectures
Amazon Web Services
 
DevOps - Moving to DevOps the Amazon Way
DevOps - Moving to DevOps the Amazon WayDevOps - Moving to DevOps the Amazon Way
DevOps - Moving to DevOps the Amazon Way
Amazon Web Services
 
Three Innovations that Define a “Next-Generation Global Transit Hub”
Three Innovations that Define a “Next-Generation Global Transit Hub”Three Innovations that Define a “Next-Generation Global Transit Hub”
Three Innovations that Define a “Next-Generation Global Transit Hub”
Khash Nakhostin
 
Twelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
Twelve-factor serverless applications - MAD302 - Santa Clara AWS SummitTwelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
Twelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
Amazon Web Services
 

Ähnlich wie Serverless Security: Doing Security in 100 milliseconds (20)

Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019Serverless Security: A How-to Guide @ SnowFROC 2019
Serverless Security: A How-to Guide @ SnowFROC 2019
 
Serverless Architectural Patterns
Serverless Architectural PatternsServerless Architectural Patterns
Serverless Architectural Patterns
 
apidays Australia 2023 - APIs Aren't Enough: Why SaaS Leaders Are Investing I...
apidays Australia 2023 - APIs Aren't Enough: Why SaaS Leaders Are Investing I...apidays Australia 2023 - APIs Aren't Enough: Why SaaS Leaders Are Investing I...
apidays Australia 2023 - APIs Aren't Enough: Why SaaS Leaders Are Investing I...
 
Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
Securing Your AWS Global Transit Network: Are You Asking the Right Questions?Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
Securing Your AWS Global Transit Network: Are You Asking the Right Questions?
 
Deep Dive - Hybrid Architectures
Deep Dive - Hybrid ArchitecturesDeep Dive - Hybrid Architectures
Deep Dive - Hybrid Architectures
 
Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption Cisco + AWS Stronger Security & Greater AWS Adoption
Cisco + AWS Stronger Security & Greater AWS Adoption
 
Security in the FaaS Lane
Security in the FaaS LaneSecurity in the FaaS Lane
Security in the FaaS Lane
 
AWS Startup Insights Kuala Lumpur
AWS Startup Insights Kuala LumpurAWS Startup Insights Kuala Lumpur
AWS Startup Insights Kuala Lumpur
 
Top conf serverlezz
Top conf serverlezzTop conf serverlezz
Top conf serverlezz
 
DevOps - Moving to DevOps the Amazon Way
DevOps - Moving to DevOps the Amazon WayDevOps - Moving to DevOps the Amazon Way
DevOps - Moving to DevOps the Amazon Way
 
AWS Startup Insights Singapore
AWS Startup Insights SingaporeAWS Startup Insights Singapore
AWS Startup Insights Singapore
 
Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies Serverless Computing, AWS Way by SourceFuse Technologies
Serverless Computing, AWS Way by SourceFuse Technologies
 
Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies Serverless Computing, AWS Way: SourceFuse Technologies
Serverless Computing, AWS Way: SourceFuse Technologies
 
Favorire l'innovazione passando da applicazioni monolitiche ad architetture m...
Favorire l'innovazione passando da applicazioni monolitiche ad architetture m...Favorire l'innovazione passando da applicazioni monolitiche ad architetture m...
Favorire l'innovazione passando da applicazioni monolitiche ad architetture m...
 
(SACON) Anant Shrivastava - cloud pentesting
(SACON) Anant Shrivastava - cloud pentesting(SACON) Anant Shrivastava - cloud pentesting
(SACON) Anant Shrivastava - cloud pentesting
 
Three Innovations that Define a “Next-Generation Global Transit Hub”
Three Innovations that Define a “Next-Generation Global Transit Hub”Three Innovations that Define a “Next-Generation Global Transit Hub”
Three Innovations that Define a “Next-Generation Global Transit Hub”
 
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...
 
Resilient Microservices with Spring Cloud
Resilient Microservices with Spring CloudResilient Microservices with Spring Cloud
Resilient Microservices with Spring Cloud
 
Serverless architecture with Azure
Serverless architecture with AzureServerless architecture with Azure
Serverless architecture with Azure
 
Twelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
Twelve-factor serverless applications - MAD302 - Santa Clara AWS SummitTwelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
Twelve-factor serverless applications - MAD302 - Santa Clara AWS Summit
 

Mehr von James Wickett

A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASURE
James Wickett
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and Business
James Wickett
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and People
James Wickett
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS Lane
James Wickett
 
Defense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software DevelopmentDefense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software Development
James Wickett
 

Mehr von James Wickett (20)

A Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SREA Pragmatic Union: Security and SRE
A Pragmatic Union: Security and SRE
 
A Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASUREA Way to Think about DevSecOps: MEASURE
A Way to Think about DevSecOps: MEASURE
 
The Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the WorldThe Security, DevOps, and Chaos Playbook to Change the World
The Security, DevOps, and Chaos Playbook to Change the World
 
Pragmatic Pipeline Security
Pragmatic Pipeline SecurityPragmatic Pipeline Security
Pragmatic Pipeline Security
 
A Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and BusinessA Tale of Woe, Chaos, and Business
A Tale of Woe, Chaos, and Business
 
A DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and PeopleA DevSecOps Tale of Business, Engineering, and People
A DevSecOps Tale of Business, Engineering, and People
 
NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOpsNewOps Days 2019: The New Ways of Chaos, Security, and DevOps
NewOps Days 2019: The New Ways of Chaos, Security, and DevOps
 
The New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOpsThe New Ways of Chaos, Security, and DevOps
The New Ways of Chaos, Security, and DevOps
 
DevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS LaneDevOpsDays Austin: Security in the FaaS Lane
DevOpsDays Austin: Security in the FaaS Lane
 
The Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOpThe Seven Habits of the Highly Effective DevSecOp
The Seven Habits of the Highly Effective DevSecOp
 
Release Your Inner DevSecOp
Release Your Inner DevSecOpRelease Your Inner DevSecOp
Release Your Inner DevSecOp
 
The New Security Playbook: DevSecOps
The New Security Playbook: DevSecOpsThe New Security Playbook: DevSecOps
The New Security Playbook: DevSecOps
 
The Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CDThe Emergent Cloud Security Toolchain for CI/CD
The Emergent Cloud Security Toolchain for CI/CD
 
Adversary Driven Defense in the Real World
Adversary Driven Defense in the Real WorldAdversary Driven Defense in the Real World
Adversary Driven Defense in the Real World
 
DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline DevSecOps and the CI/CD Pipeline
DevSecOps and the CI/CD Pipeline
 
The State of DevSecOps in 2018
The State of DevSecOps in 2018The State of DevSecOps in 2018
The State of DevSecOps in 2018
 
DevSecOps in the Year 2018
DevSecOps in the Year 2018DevSecOps in the Year 2018
DevSecOps in the Year 2018
 
DevSecOps and the New Path Forward
DevSecOps and the New Path ForwardDevSecOps and the New Path Forward
DevSecOps and the New Path Forward
 
Defense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software DevelopmentDefense-Oriented DevOps for Modern Software Development
Defense-Oriented DevOps for Modern Software Development
 
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSecInnotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
Innotech Austin 2017: The Path of DevOps Enlightenment for InfoSec
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

Serverless Security: Doing Security in 100 milliseconds