8 March 2019

A Deep Dive into Serverless Attacks, SLS-4: XML External Entity (XXE) Attacks

Let me first apologize for the long absence. However, I haven’t been idle. I’ve been working hard to […]
21 February 2019

Cloud Native Security: What it Means

Cloud-native applications are applications that have been built purposely to be deployed and operated in a cloud environment. […]
8 January 2019

Level Up on Security with the New Damn Vulnerable Serverless App

Welcome to 2019. The year we will all understand that serverless is not a fleeting trend, but is […]
28 November 2018

A Deep Dive into Serverless Attacks, SLS-3: Sensitive Data Disclosure

Great news! The OWASP Serverless Top 10 first release is out! And so, we continue with this blog […]
1 November 2018

A Deep Dive into Serverless Attacks, SLS-2: Broken Authentication

Thanks for joining me for the second post in the series. In the previous post I discussed what […]
7 October 2018

A Deep Dive into Serverless Attacks, SLS-1: Event Injection

The OWASP Serverless Top 10 project was just launched. It aims at educating practitioners and organizations about the […]
24 May 2018

6 Things You’re Probably Doing Wrong Securing Serverless Apps

Review these 6 things you're probably doing wrong securing serverless apps and hopefully you can sleep well after some tweaks.
Do you ever have that sinking feeling in the pit of your stomach, worrying that you’ve forgotten something? […]