7 June 2018

AWS Lambda Security Best Practices

Least Privilege is an important AWS Lambda serverless security best practice. Although it's difficult, there's an upside.
Moving to serverless, including AWS Lambda, makes security both easier and harder, as I outlined in our Serverless […]
24 May 2018

6 Things You’re Probably Doing Wrong Securing Serverless Apps

Review these 6 things you're probably doing wrong securing serverless apps and hopefully you can sleep well after some tweaks.
Do you ever have that sinking feeling in the pit of your stomach, worrying that you’ve forgotten something? […]
16 May 2018

How to Best Defend Against Cloud-Native Malevolence

This article by Protego Labs CTO and co-founder Hillel Solow was originally published in Information Management. I spend a […]
10 May 2018

Serverless Security Scorecard

More resources equals more permissions to manage, creating challenges for serverless security
Serverless is a new approach to application architecture and deployment. Security becomes both easier and harder, and it […]
3 May 2018

Serverless: Three Revolutions Wrapped in One Buzzword

Serverless architecture is the revolution in how software is architected to enable horizontal scaling.
Serverless is actually 3 different revolutions with 3 different core values: infrastructure, architecture, & operations.
26 April 2018

Stateless and Ephemeral?

Assumptions can lead us to flipping a Jeep, or presuming serverless apps are inherently secure.
Due to the ephemeral nature of serverless apps, attackers can’t live long in your system… but it may be longer than you think. The risks & how to mitigate.
19 April 2018

Least Privilege for AWS Lambda Security

4 reasons least privilege, while fundamental to security, is rarely achieved. And serverless apps create new challenges with an almost endless set of opportunities to get permissions configured incorrectly. Fortunately, our CTO has good news.
12 April 2018

9 Serverless Security Best Practices

In some ways, serverless application architectures improve security. However, threats to your apps will persist. They just won’t look and act the same way. In this blog, we’ll outline 9 serverless security best practices you need to adopt as part of this paradigm shift.
25 March 2018

Your Apps Have Gone Serverless. Has Your Security?

Serverless apps are more agile, with faster deployment times and lower costs. Shifting to AWS Lambda Functions or Azure Functions makes some things more secure, but loss of control results in new security problems.
See Demo