Injections Without Border: An Anatomy of Serverless Event Injections

Serverless applications have seen a significant rise in adoption in the past year. Along with its advantages, serverless architecture presents new security challenges. Some of these security threats are equal to those we know from traditional application development and some take on a new form.

One particular example is the Injection Attack. Yes, SQL/NoSQL, OS and Code Injection attacks, they all still exist. But, when dealing with a monolithic application we only have one way in. What happens when we move to serverless architecture and we lose the perimeter? Code is no longer executed directly, but is executed through cloud events. Whether it’s a file upload, an email sent, a notification received or a simple log entry.

In this talk, Tal will examine the Serverless #1 Risk: Event Injection, and will demonstrate injection attacks form multiple event types.

Friday, August 9th, 4:00 PM to 5:00 PM in Las Vegas. Register here.

Share This Article
Share on facebook
Share on linkedin
Share on twitter
Share on email

Join industry experts as they discuss all things serverless including industry news and best practice tips.