4 reasons least privilege, while fundamental to security, is rarely achieved. And serverless apps create new challenges with an almost endless set of opportunities to get permissions configured incorrectly. Fortunately, our CTO has good news.
We talk a lot about the need for a different security paradigm for AWS lambda security, and it’s easy for these messages to get conflated with messages like “this thing isn’t secure.” While it’s sort of early days for serverless, there are a few good reasons to believe that security teams should be pushing their […]
Moving to serverless, including AWS Lambda, makes security both easier and harder, as I outlined in our Serverless Security Scorecard. In deploying serverless apps, you cede control over most of the stack to your cloud provider, for better and for worse. You no longer own OS hardening, admin rights, SSH, and segmentation. The exception where […]
Background Protego is the provider of a comprehensive security solution for cloud native and serverless applications, providing enhanced security posture, realtime security observability and cloud native application defense. One key technology in the Protego arsenal is the Protego Function Self Protection module (FSP). The FSP is a transparent, lightweight module that is inserted into functions […]
For this episode, Hillel and Tal from Protego were joined by Alex Glikson, Cloud Guru at Carnegie Mellon University. Alex stated, “I have been working on virtualization and cloud infrastructure topics for the last 15 years or so, even before it was called ‘cloud.’ We had the prototype of a bare-metal cloud roughly 15 to […]
For this episode, Hillel and Tal from Protego were joined by Ben Kehoe, a cloud robotics research scientist at iRobot and an AWS Serverless Hero. Ben’s AWS iRobot Serverless Experience Ben explained, “iRobot, we’ve been making the Roomba since 2002. In 2015, we launched our first connected Roomba. We had a business that was at […]
We’re pleased to share this guest blog “Implementing Feature Flags in Serverless Environments” by Mike Atkins, Software Engineer at LaunchDarkly. A Demonstration of LaunchDarkly Feature Flags in Serverless with AWS Lambda Serverless architecture, while a relatively new pattern in the software world, is quickly becoming a valuable asset in a variety of use cases. There […]
Serverless apps are more agile, with faster deployment times and lower costs. Shifting to AWS Lambda Functions or Azure Functions makes some things more secure, but loss of control results in new security problems.