Detect and Stop Serverless Application Attacks with Accuracy & Speed
The Protego serverless security solution continuously scans your serverless infrastructure, code, and runtime environment. Utilizing machine-based analysis and deep learning algorithms, Protego builds a model of normal application and function behavior to detect and stop application layer attacks.
Automatically Profile Function and Application Behavior
Protego continuously monitors your serverless application activity and automatically creates a white list of actions and interactions on a resource level.
- Discover and visualize serverless application structure, behavior & flow
- Automatically generate a white list of ‘good behavior’ including system access, external communications, triggers and more.
- Define custom policies and enforce behavior on a per function level.
Trigger Agnostic Application Layer Protection & Forensics
Protego’s Function Self Protection detects, alerts & stops application layer attacks such as the Serverless OWASP Top 10 and anomalous activity independent of the attack trigger.
- Detects & stops application attacks such as SQL & Injection and others, independent of input source
- Detect & stop anomalous & malicious actions (e.g calling an external destination) or interactions (calling a sub process)
- Move from alert to prevent mode and vice versa in real time
Serverless Security Platform Integrations for Alerting & Forensics
Get real time alerts, view an audit trail for events in full context, unmask compromise indicators and analyze event context.
- Pre-built Splunk and cloud watch integration for analysis and audit
- Pre-built integrations with tools such as Slack and Jira for security incident alerts
- Full REST API access allows integrations with other systems
Unified View of Serverless Application Posture & Forensics
The Posture Explorer provides a single, comprehensive view of your entire serverless ecosystem
- Application and function view of all inputs and triggers
- Detect & alert on configuration issues, such as unlinked triggers and unused resources
- Security-focused visualization of potential risk areas
- Clear indication of posture score and status
The Need for a Serverless Security Solution with Application Hardening
Read our Serverless Security Blogs to learn more about the different serverless security landscape. While serverless is more agile, and enables faster deployment with lower costs, it’s not necessarily more secure.