Code PaLOUsa 2022

The OWASP Serverless Security Top 10 as Code

Our talk- The OWASP Serverless Security Top 10 as Code: Serverless architecture has brought a lot of comfort and elegance to software delivery, making it quite appealing for modern application engineering. However, it's not without its drawbacks. In fact, serverless architecture introduces a whole new set of security implications that should be considered early when building your applications.The OWASP Serverless Top 10 is an excellent reference for educating practitioners and organizations about the potential security risks and consequences when implementing serverless architecture, as well as how to mitigate these. However, as with all things engineering - if isn't automated and built into developer workflows, most of the time it just won't happen.In this talk we'll walk you through the current serverless security state of the union - known methods for securing your serverless applications, the manual methods vs. automated techniques. We'll wrap up with practical ways for translating these known risks into an automated plan built for any language, tech stack or feature, providing practical methods to take back control and mitigate these known top 10 serverless exploits with code.

Jit- product security for busy developers- Location
Louisville, KY
Jit- product security for busy developers- Date
August 17, 2022
August 19, 2022
Clock- time

Meet the Team:

Chris Koehnecke
VP Security Engineering & CISO
No items found.