Check Point Extends Leadership in Cloud Security with Unmatched Serverless Protection
Acquired a pioneering serverless technology company expanding its CloudGuard platform and Infinity architecture to protect cloud workloads from 6th Gen Cyber Attacks SAN CARLOS, CA
AWS re:Invent Serverless Survival Guide
It is hard to believe that the 2019 AWS re:Invent is only a week away! It is almost time to pack your bags, along with
Develop a Cloud Migration Strategy: 7 Steps to Prepare Your Business
Its the future, and cloud computing has taken us there. As many have painfully experienced, migration to the cloud is a long step-by-step journey, and
Perimeterless Security in Serverless – A Protego Use Case
Companies choose to transition to serverless computing for various reasons, mainly being faster time-to-market and reduced infrastructure costs. However, the root cause of their serverless
7 of the Best Benefits of AWS Lambda for Your Cloud Computing System
All modern businesses with web-based applications run their applications on the cloud, but you already know this. The question is, where are they going next?
Developers Owning Security – A Protego Use Case
Companies choose to transition to serverless computing for various reasons, mainly being faster time-to-market and reduced infrastructure costs. However, the root cause of their serverless
Is Cloud Computing Secure? 7 FAQs About Cloud Security Answered (2020)
Whether 10 years ago or just last week, companies continue to ponder, “is cloud computing secure?” The truth is cloud computing is just as secure,
Security @ Serverless Speed – A Protego Use Case
Companies choose to transition to serverless computing for various reasons, mainly being faster time-to-market and reduced infrastructure costs. However, the root cause of their serverless
Protego Labs Launches Award-Winning Serverless Security Solution in AWS Marketplace
[vc_row][vc_column][vc_column_text] FOR IMMEDIATE RELEASE Protego Labs Launches Award-Winning Serverless Security Solution in AWS Marketplace New AWS Marketplace listing offers automated AWS Lambda Application Security solutions
Compliance in Serverless – A Protego Use Case
[vc_row][vc_column][vc_column_text]Companies choose to transition to serverless computing for various reasons; two main reasons including faster time-to-market and reduced infrastructure costs. However, their serverless security requirements
Serverless Security Risks
When adopting a serverless application paradigm, organizations need to embrace a new view on serverless security and the risks. Some key shifts that occur, including:
State of Serverless and Security
Trends in Serverless Adoption Serverless adoption has been increasing drastically over the past 18 months- outpacing other cloud infrastructure environments. Given this, Protego Labs has
Cloud Native Application Security – What You Need To Know
IBM lists the benefits of cloud computing as flexibility, efficiency, and strategic value. This sounds great, right? Well, the short answer is it can be.
What Is Cloud Native Security
[vc_row][vc_column][vc_column_text]Cloud-native applications are applications that have been built purposely to be deployed and operated in a cloud environment. They consist of small, independent microservices, such
Inside the Capital One Breach, and How to Block It
The Capital One data breach has been big news and for good reason. The exposure of over 100 million personal data records is a big
PODCAST: Multi Cloud Strategy ft. Jeremy Daly – The Serverless Smarts Podcast
The Multi Cloud Strategy Debate Think you can benefit from all worlds when going multi cloud? Can’t decide which cloud provider to go with so
Serverless Framework Risks: 7 Common Security Threats to Look Out For
According to a study by Gartner, 2019 will be the year of the cloud. The study estimates that global public cloud-related revenues will climb 17.5% this
PODCAST: Serverless FaaS & the Future of IAM – The Serverless Smarts Podcast
[vc_row][vc_column][vc_column_text] [/vc_column_text][vc_column_text]A recent article called serverless 2.0 by trying to add statefulness to FaaS. This raised a few questions about whether or not states are
Protego Labs Named Gold Winner for Business Products Startup of the Year and Bronze Winner for Technology Software Startup of the Year by CEO World Awards
[vc_row][vc_column][vc_column_text] FOR IMMEDIATE RELEASE Protego Labs Named Gold Winner for Business Products Startup of the Year and Bronze Winner for Technology Software Startup of the
PCI DSS and Serverless Demystified
While PCI DSS isn’t new, how those requirements are applied in serverless deployments, is. For instance, if you have an application that leverages payment card
Securing Serverless Apps – 6 Things You’re Probably Doing Wrong
Securing your serverless app can feel overwhelming. Do you ever have that sinking feeling in the pit of your stomach, worrying that you’ve forgotten something?
How Are Serverless Applications Attacked?
Serverless frameworks have become the next big thing in application development, allowing companies to release new features and functionality while focusing on innovation, rather than
PODCAST: Serverless Security Tools & Visibility – The Serverless Smarts Podcast
[vc_row][vc_column][vc_column_text] [/vc_column_text][vc_column_text] Visibility As Means for Better Security of Serverless Applications & Serverless Security Tools Monitoring and alerting tools are all about providing you with
Simple Voice-Command SQL Injection Hack into Alexa Application
[vc_row][vc_column][vc_column_text] Just what we need, another attack vector- Voice-Command SQL Injection Not all web applications are created equal, as each one has different levels of
How To Handle HIPAA Compliance with Serverless Security
[vc_row][vc_column][vc_column_text]It is back to school time, which means if you are a parent with younger children, it is time to fill out countless forms and
AWS Lambda Security Tools – Least Privileged
4 reasons least privilege, while fundamental to security, is rarely achieved. And serverless apps create new challenges with an almost endless set of opportunities to get permissions configured incorrectly. Fortunately, our CTO has good news.
Tal Melamed to Present the “Full Steam Ahead: Serverless Hacking 101” at DerbyCon
Serverless architecture presents new security challenges. Some are equivalent to traditional application development, but others take on a new form. This means that both developers
Protego Labs Exhibits at AWS Summit Toronto
[vc_row][vc_column width=”2/3″][vc_column_text]Come visit Protego Labs at the AWS Summit in Toronto on October 3rd. This is a free event designed to bring together the cloud computing
Tal Melamed to Present the “OWASP Serverless Top 10” at Global AppSec- DC
OWASP Serverless Top 10 In moving to serverless, we shift some security responsibilities to the infrastructure provider by eliminating the need to manage servers. Unfortunately,
Protego Serverless Security Announces Integration with Splunk and Slack
[vc_row][vc_column][vc_column_text] Clients receive enhanced real-time alerts and visibility through deeper application integration Baltimore, MD – August 14, 2019 – Protego Labs announces integration with alerting tools
9 Serverless Security Best Practices
In some ways, serverless application architectures improve security. However, threats to your apps will persist. They just won’t look and act the same way. In this blog, we’ll outline 9 serverless security best practices you need to adopt as part of this paradigm shift.
Serverless + Blockchain = Buzzword Math?
We’re pleased to share this post from guest blogger Chris Ensey, COO of Riot Blockchain. Last year I appeared on The Protego Serverless Show, where
Serverless Computing Services Security Quick Guide
Shared Responsibility Model We have heard the benefits of why companies are moving to serverless– zero administration, automatic scaling, and pay-for-use consumption modes. But where
PODCAST: Multi Cloud Environment & The Right Serverless Mindset – The Serverless Smarts Podcast
A recent article on Medium stated that serverless is a doctrine, not a technology. This raised the age-old question of what is serverless – Is
PODCAST: The Serverless Smarts Podcast, Ft. Ryan Jones. Zero Trust Model & Compliance
What is the zero trust model? Are compliance-driven applications off the table when it comes to serverless? Should applications that deal with credit card transactions,
Is AWS Lambda the Most Secure Application Platform? Probably.
We talk a lot about the need for a different security paradigm for AWS lambda security, and it’s easy for these messages to get conflated
A Deep Dive Into Serverless Attacks. SLS-6: Security Misconfiguration
In traditional applications, security misconfiguration can happen at any level of an application stack, including network services, platform, web server, application server, database, frameworks, custom
Tal Melamed to Present “Injections Without Borders” at Def Con 27
Injections Without Border: An Anatomy of Serverless Event Injections Serverless applications have seen a significant rise in adoption in the past year. Along with its
Protego Labs Announces Enhancements with New Pipeline Integration Tool
Baltimore, MD – July 10, 2019 – Protego Labs announces an enhancement to the Protego Proact and Protego Function Self-Protection (FSP) solutions with the introduction of
AWS Lambda Security Best Practices
Moving to serverless, including AWS Lambda, makes security both easier and harder, as I outlined in our Serverless Security Scorecard. In deploying serverless apps, you
Protego Labs Speaks at Serverless Nights Tel Aviv
Come Visit Protego Labs at Serverless Nights Tel Aviv Come join us for a night of networking and learning on July 10th from 18:30-20:30 in
Lock-Ins vs. Cloud-Agnostic
Many organizations contemplate whether or not vendor lock-ins are right for them, or should they stay cloud-agnostic. To answer this question, we got Hillel Solow,
Palo Alto’s Acquisition of Twistlock and What It Means for the Serverless Market
The big news in the last few weeks from the serverless space is Palo Alto’s acquisition of two cloud-native and serverless security companies. This acquisition
The Teething Problems of Node 10js Initial Runtime and What Can We Learn From It
The Node 10 release and the retiring of the Node 6 runtime created a debate around what you can expect from runtimes and from AWS.
PODCAST: Is Serverless Application Security Really Appsec or New Techniques
As cloud-native services gain popularity, an inevitable debate around the security of such applications grows bigger. One of the initial questions when it comes to
Protego Labs Releases New Feature for Zero-Day Defense
Keeping up with new threats to serverless and cloud native applications is a minute-by-minute task. Although serverless applications do not run on your servers, they
The Future of Serverless – Is Google Cloud Run a Step Back, Forward, or Sideways?
In part 1 of our latest Serverless Show, Hillel and Erica Windisch, CTO and Co-Founder, IOpipe discussed the complexity of cloud provider SLAs and the
Is Serverless Ready for Mission-Critical Apps?
Read and watch part 1 and part 2 of our latest Serverless Show featuring Erica Windisch, CTO and Co-Founder, IOpipe. In part 3, Hillel stated,
PODCAST: Amazon AWS SLA & Design Around Failures – The Serverless Smarts Podcast
This month, Hillel welcomed Erica Windisch, CTO and Co-Founder, IOpipe, and AWS Serverless Community Hero. Erica introduced herself. “I was one of the first employees
Serverless Bootcamp: Summer Series
We can’t think of a better way to kick-off summer than spending time with serverless experts and DevSecOps professionals from across the globe as part
A Deep Dive into Serverless Attacks, SLS-5: Broken Access Control in Serverless Deployments
Maintaining good access control in traditional apps is one of the hardest tasks. It involves both code and configuration. Both in the application and the infrastructure level. With the right serverless security tools, you will be to enforce least privilege permissions for code, without depending on the developer to know how to do that.
The Serverless Show Favorite Tweets – DO ALL THE CLOUDS!
Read and watch part 1, part 2, and part 3 of our latest Serverless Show featuring Ran Ribenzaft, CTO, Epsagon. In the final installment, our experts discuss their
PODCAST: GCP Cloud Run & The Serverless Spectrum – The Serverless Smarts Podcast
Read and watch part 1 and part 2 of our latest Serverless Show featuring Ran Ribenzaft, CTO, Epsagon. In part 3, Hillel stated, “Let’s talk
The Serverless Show, UC-Berkeley on The Rise of Serverless Computing
In part 1 of our latest Serverless Show, Hillel and Ran Ribenzaft, CTO, Epsagon discussed how serverless observability breeds confidence & complexity, and more. In
PODCAST: Serverless Observability Breeds Confidence
In the latest episode of The Serverless Show, Hillel was joined by Ran Ribenzaft, Co-Founder & CTO, Epsagon. Ran introduced himself, “I’m a cybersecurity specialist.
Serverless Boston @AWS Meetup
Come join us for a night of networking and learning on June 13th from 6:00-8:00 pm in Boston. SGA, AWS, and Protego Labs have teamed
Serverless NYC @CornellTech Meetup
Come join us for a night of networking and learning on June 11th from 6:00-8:30 pm in NYC. The SGA, Citi Group, and Protego Labs
Winter is Coming
The WAF Wall is Crumbling Whether you align with the North or the South, you have one common enemy, the Night King. The Night King
Protego Labs Bolsters Serverless Security Solution with Support for Amazon Web Services Fargate
[vc_row][vc_column][vc_column_text] FOR IMMEDIATE RELEASE Protego Labs Bolsters Serverless Security Solutions with Support for Amazon Web Services Fargate Company Driving Growth of Cloud Native Architectures with
Protego Labs Exhibits at re:Inforce
Come Visit Protego Labs at the Inaugural AWS re:Inforce Conference AWS re:Inforce is a two day conference for the AWS community where there will be
Who’s on your Starting Lineup?
It’s a new season, everyone is full of hope and optimism that this will be their year- that they will end the playoff season as
Hillel Solow to Present with Mike McDonald at Google Cloud Next 2019
Serverless Security Made Simple In a world filled with security breaches making the front page of newspapers, how do you balance the velocity gains of
Protego Labs Joins Amazon Web Services Partner Network
[vc_row][vc_column][vc_column_text] Protego Labs Joins Amazon Web Services Partner Network Collaboration Expands Serverless Security Solution for AWS Baltimore, MD – April 3, 2019 – Protego Labs
Protego Labs Wins Gold for Best Startup in 2019 Cybersecurity Excellence Awards
FOR IMMEDIATE RELEASE Protego Labs Wins Gold for Best Startup in 2019 Cybersecurity Excellence Awards Recognition Reflects Market’s Rapid Expansion and Use of Serverless Technologies
A Deep Dive into Serverless Attacks, SLS-4: XML External Entity (XXE) Attacks
Let me first apologize for the long absence. However, I haven’t been idle. I’ve been working hard to take the OWASP Serverless Top 10 project
Serverless Computing Security Risks & Challenges
Serverless Architecture = What Cloud Should Be Serverless enables you to shift even more infrastructure management responsibilities to your cloud provider. Serverless architectures provide you
Top 7 Takeaways from our 2018 Serverless Shows
What to just stop worrying about already, and what to start worrying about more Protego Labs has been producing a podcast, The Serverless Show, since
Tal Melamed to Present “Serverless Top 10” at OWASP Meetup
OWASP Serverless Top 10 In moving to serverless, we shift some security responsibilities to the infrastructure provider by eliminating the need to manage servers. Unfortunately,
PODCAST: Vacation Tracker & The Importance of Open Source
For this episode of The Serverless Show, Tal was in the office with Hillel in Jerusalem, and they were joined by Slobodan Stojanovic, CTO of
Vulnerable Serverless App – Level Up on Security
Welcome to 2019. The year we will all understand that serverless is not a fleeting trend, but is here to stay. How am I so
Protego Labs Launches Damn Vulnerable Serverless Application
FOR IMMEDIATE RELEASE Protego Labs Launches Damn Vulnerable Serverless Application Company Donates First Ever Realistic Serverless Security Testing App to OWASP Baltimore, MD – January
Protego Labs Awarded Frost & Sullivan’s 2018 Global Serverless Security New Product Innovation Award
FOR IMMEDIATE RELEASE Protego Labs Awarded Frost & Sullivan’s 2018 Global Serverless Security New Product Innovation Award Company Recognized for Driving Serverless Security Adoption Baltimore,
PODCAST: The Serverless Show, Ft. Forrest Brazeal. re:Invent Recap
For this episode, Hillel from Protego was joined by Forrest Brazeal, a senior cloud architect at Trek10 and an official AWS Serverless Community Hero. Forrest
Cloud Native Application Security Starts with Identity Management
This article by Protego Labs CTO and co-founder Hillel Solow was originally about cloud native security published in The New Stack I had something of
Layers and Runtimes @ Protego
Background Protego is the provider of a comprehensive security solution for cloud native and serverless applications, providing enhanced security posture, realtime security observability and cloud
A Deep Dive into Serverless Attacks, SLS-3: Sensitive Data Disclosure
Great news! The OWASP Serverless Top 10 first release is out! And so, we continue with this blog post series, taking you through a journey
Protego Labs Named 2019 Company to Watch by SDTimes
FOR IMMEDIATE RELEASE Protego Labs Named 2019 Company to Watch by SDTimes Company One of Two Serverless Providers Listed While Serverless Application Market Accelerates Baltimore,
PODCAST: The View from Different Angles – AWS Serverless Monitoring
For this episode, Hillel and Tal from Protego were joined by Alex Glikson, Cloud Guru at Carnegie Mellon University. Alex stated, “I have been working
Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project
FOR IMMEDIATE RELEASE Protego Spearheads Launch of the OWASP Official Serverless Top 10 Project Report to Educate Application Security Practitioners on Serverless Application Risks and
7 Tools That Ease Serverless Security Adoption, and Companies to Watch in 2019
We are pleased to be included in the SD Times list of Companies to Watch in 2019 WHAT DO THEY DO: Serverless security adoption WHY
A Deep Dive into Serverless Attacks, SLS-2: Broken Authentication
Thanks for joining me for the second post in the series, the OWASP Serverless Top 10 Broken Authentication. In the previous post I discussed what
PODCAST: AWS iRobot & Making it Someone Else’s Problem
For this episode, Hillel and Tal from Protego were joined by Ben Kehoe, a cloud robotics research scientist at iRobot and an AWS Serverless Hero.
Here Come Botnets – Serverless Botnets Security
Serverless computing continues to grow as cloud consumers expand their use of technologies like AWS Lambda and Google Cloud Functions. Serverless functions are ephemeral by
A Deep Dive into OWASP TOP TEN – Serverless Attacks, SLS-1: Event Injection
The OWASP Serverless top ten project was just launched. It aims at educating practitioners and organizations about the consequences of the most common serverless application
Protego Labs Launches a Free Plan for its Flagship Serverless Security Solution
FOR IMMEDIATE RELEASE Protego Labs Launches a No Cost Plan for its Flagship Serverless Security Solution New Version Will Help Companies Accelerate Serverless Adoption With
PODCAST: Serverless Startups & More
For this episode, Hillel and Tal from Protego were joined by Mike Atkins, a distributed systems engineer at LaunchDarkly. Mike explained, “LaunchDarkly makes it easy
Tal Melamed Speaking at Serverless Days Portland
ServerlessDays are a family of events around the world focused on fostering a community around serverless technologies. ServerlessDays began as JeffConf, a tongue in cheek
Protego Head of Security Research Speaking at The Rochester Security Summit
The Rochester Security Summit is a community focal point for education and awareness in collaboration with higher education, business and industry partners, held during National
Protego Head of Security Research Speaking at Infosecurity North America
Infosecurity North America takes place in New York, 14-15 November 2018. The event provides end-user buyers with a focused business event environment that facilitates valuable networking, immersive
Protego CTO Speaking at OWASP AppSec Israel 2018
The annual OWASP’S AppSec Israel Conference is the largest conference in Israel for application security, and regularly draws hundreds of participants. Over 700 developers, testers, architects, product designers,
PODCAST: Yan Cui Serverless Lessons
Hillel and Tal from Protego were joined by a guest Hillel referred to as, “The Mick Jagger of serverless,” Yan Cui, principal engineer at DAZN. Watch
Protego Labs and Mode2 to Provide Serverless Security to U.S. Cloud Customers
FOR IMMEDIATE RELEASE Protego Labs and Mode2 to Provide Serverless Security to U.S. Cloud Customers Strategic Partnership Created as Market Demand for Serverless Accelerates Baltimore,
Security in Serverless Architecture – Your Security Just Might Kill Your Serverless
Security in Serverless Architecture – Your Security Just Might Kill Your Serverless by Protego Labs CTO and co-founder Hillel Solow was originally published in The
Protego Head of Security Research Speaking at Cyber Security Atlanta
Cyber Security Atlanta is a must attend cyber security event that provides cyber security experts, decision makers, hackers and technical specialists with the latest tech
Tal Melamed Presenting at Hacker Halted
Hacker Halted Hacker Halted includes advanced ethical hacking training and over 40 presentations from the industry’s most accomplished professionals and thought leaders. The event will be
Feature Flags in Serverless Environments – Implementation
We’re pleased to share this guest blog “Implementing Feature Flags in Serverless Environments” by Mike Atkins, Software Engineer at LaunchDarkly. A Demonstration of LaunchDarkly Feature
Protego Labs Finds Nearly All Serverless Application Functions at Risk
FOR IMMEDIATE RELEASE Protego Labs Finds Nearly All Serverless Application Functions at Risk Unnecessary Permissions, Vulnerable Code, Wrong Configurations Top Greatest Weaknesses Baltimore, MD –
PODCAST: The Serverless Show. Serverless + Blockchain, The Comprehension Divide, Role of DevOps
For this Serverless Podcast, Hillel was joined by Shali Mor, Vice President, R&D and Co-founder of Protego. Watch the video below or listen to the
A Truly Serverless Web: The End of The Cloud
We’re pleased to welcome guest blogger Viktor Charypar for this article A Truly Serverless Web: The End of The Cloud, Engineer at digital transformation experts
Security For Web Developers
This two-part article by Protego Labs CTO and co-founder Hillel Solow was originally published in DEVOPSdigest. Securing cloud native applications presents an interesting challenge. Cloud
PODCAST: John Visneski from The Pokémon Company on Adopting Serverless
The second episode of The Serverless Show is available above on video as well as on SoundCloud, and summarized below. For this episode, Hillel and
Securing Serverless Apps: 3 Critical Tasks in 3 Days
Securing serverless applications requires three critical components. Read the original article published in Dark Reading and written by Protego Labs CTO and co-founder Hillel Solow.
PODCAST: The Serverless Show, featuring Wayne Scarano from SGA
We’re pleased to share our first podcast, “The Serverless Show.” In addition to the below summarized article and above video, you can listen on SoundCloud.
Cloud Native Security Controls
This article by Protego Labs CTO and co-founder Hillel Solow was originally published in Information Management. I spend a lot of time in a dance with
Serverless Security Scorecard
Serverless is a new approach to application architecture and deployment. Security becomes both easier and harder, and it is nuanced. In this post, we’ll go
Protego Secures $2 Million in Seed Funding for Serverless Security Platform
FOR IMMEDIATE RELEASE Protego Secures $2 Million in Seed Funding for Serverless Security Platform Financing Led by Gula Tech Adventures and Glilot Capital Partners Baltimore,
What Are Serverless Functions: Three Revolutions Wrapped in One Buzzword
Serverless is actually 3 different revolutions with 3 different core values: infrastructure, architecture, & operations.
AWS Lambda Stateless & Ephemeral?
Due to the ephemeral nature of serverless apps, attackers can’t live long in your system… but it may be longer than you think. The risks & how to mitigate.
Serverless Computing Security – Has Your Security Gone Serverless?
Serverless apps are more agile, with faster deployment times and lower costs. Shifting to AWS Lambda Functions or Azure Functions makes some things more secure, but loss of control results in new security problems.
Protego Labs Wins Most Innovative Cyber Initiative at The Cybertech Conference
Protego Labs has won the Startup Competition for the most innovative cyber initiative at the Cybertech Tel Aviv 2018 Conference. The competition, powered by YL
