AWS Lambda Security Tools – Least Privileged

4 reasons least privilege, while fundamental to security, is rarely achieved. And serverless apps create new challenges with an almost endless set of opportunities to get permissions configured incorrectly. Fortunately, our CTO has good news.

Is AWS Lambda the Most Secure Application Platform? Probably.

We talk a lot about the need for a different security paradigm for AWS lambda security, and it’s easy for these messages to get conflated with messages like “this thing isn’t secure.” While it’s sort of early days for serverless, there are a few good reasons to believe that security teams should be pushing their […]

AWS Lambda Security Best Practices

Moving to serverless, including AWS Lambda, makes security both easier and harder, as I outlined in our Serverless Security Scorecard. In deploying serverless apps, you cede control over most of the stack to your cloud provider, for better and for worse. You no longer own OS hardening, admin rights, SSH, and segmentation. The exception where […]

Layers and Runtimes @ Protego

Background Protego is the provider of a comprehensive security solution for cloud native and serverless applications, providing enhanced security posture, realtime security observability and cloud native application defense. One key technology in the Protego arsenal is the Protego Function Self Protection module (FSP). The FSP is a transparent, lightweight module that is inserted into functions […]

PODCAST: The View from Different Angles – AWS Serverless Monitoring

For this episode, Hillel and Tal from Protego were joined by Alex Glikson, Cloud Guru at Carnegie Mellon University. Alex stated, “I have been working on virtualization and cloud infrastructure topics for the last 15 years or so, even before it was called ‘cloud.’ We had the prototype of a bare-metal cloud roughly 15 to […]

PODCAST: AWS iRobot & Making it Someone Else’s Problem

For this episode, Hillel and Tal from Protego were joined by Ben Kehoe, a cloud robotics research scientist at iRobot and an AWS Serverless Hero. Ben’s AWS iRobot Serverless Experience Ben explained, “iRobot, we’ve been making the Roomba since 2002. In 2015, we launched our first connected Roomba. We had a business that was at […]

Feature Flags in Serverless Environments – Implementation

We’re pleased to share this guest blog “Implementing Feature Flags in Serverless Environments” by Mike Atkins, Software Engineer at LaunchDarkly. A Demonstration of LaunchDarkly Feature Flags in Serverless with AWS Lambda Serverless architecture, while a relatively new pattern in the software world, is quickly becoming a valuable asset in a variety of use cases. There […]