Published a new Episode of AWS Bites Podcast
29. Is serverless more secure?
https://www.youtube.com/watch?v=cDj5j1qOVyw
Eoin and Luciano take you through the ways serverless can give you more security out of the box. We cover the tradeoffs between having more security control and the responsibility that comes with this power. There are always new security challenges so we cover some of the common pitfalls with serverless and AWS security in general. Finally, we share some tips to make your serverless deployments more secure.
00:00 Intro
01:07 The principle of least privilege with Serverless
02:15 Poisoned dependencies in Lambda
03:25 AWS Shared responsibility model
06:14 How AWS handled the Log4j vulnerability
07:42 The effects of short execution times and disposable runtimes in Lambda
10:16 What happens if a Lambda is compromised
14:00 Security challenges in the context of Lambda
17:05 Can security hinder the velocity of Serverless development?
20:31 Network security & Serverless
23:50 Runtime execution policies (FunctionShield)
25:30 How Serverless elasticity can create security side effects
28:20 Threats Serverless doesn't protect you against
31:15 Outro
In this episode, we mentioned the following resources:
- Architecting Secure Serverless Applications on the AWS Architecture Blog: https://aws.amazon.com/blogs/architec...
- AWS IAM Access Analyzer: https://docs.aws.amazon.com/IAM/lates...
- The AWS response to the Log4J2 vulnerability: https://aws.amazon.com/security/secur...
- FunctionShield: https://github.com/puresec/FunctionSh...
- Snyk for scanning dependencies and containers for compromised packages: https://snyk.io/
You can listen to AWS Bites wherever you get your podcasts:
- Apple Podcasts: https://podcasts.apple.com/us/podcast...
- Spotify: https://open.spotify.com/show/3Lh7Pzq...
- Google: https://podcasts.google.com/feed/aHR0...
- Breaker: https://www.breaker.audio/aws-bites
- RSS: https://anchor.fm/s/6a3312a0/podcast/rss
Do you have any AWS questions you would like us to address?
Leave a comment here or connect with us on Twitter:
- https://twitter.com/eoins
- https://twitter.com/loige
Eoin and Luciano take you through the ways serverless can give you more security out of the box. We cover the tradeoffs between having more security control and the responsibility that comes with this power. There are always new security challenges so we cover some of the common pitfalls with serverless and AWS security in general. Finally, we share some tips to make your serverless deployments more secure.
00:00 Intro
01:07 The principle of least privilege with Serverless
02:15 Poisoned dependencies in Lambda
03:25 AWS Shared responsibility model
06:14 How AWS handled the Log4j vulnerability
07:42 The effects of short execution times and disposable runtimes in Lambda
10:16 What happens if a Lambda is compromised
14:00 Security challenges in the context of Lambda
17:05 Can security hinder the velocity of Serverless development?
20:31 Network security & Serverless
23:50 Runtime execution policies (FunctionShield)
25:30 How Serverless elasticity can create security side effects
28:20 Threats Serverless doesn't protect you against
31:15 Outro
In this episode, we mentioned the following resources:
- Architecting Secure Serverless Applications on the AWS Architecture Blog: https://aws.amazon.com/blogs/architec...
- AWS IAM Access Analyzer: https://docs.aws.amazon.com/IAM/lates...
- The AWS response to the Log4J2 vulnerability: https://aws.amazon.com/security/secur...
- FunctionShield: https://github.com/puresec/FunctionSh...
- Snyk for scanning dependencies and containers for compromised packages: https://snyk.io/
You can listen to AWS Bites wherever you get your podcasts:
- Apple Podcasts: https://podcasts.apple.com/us/podcast...
- Spotify: https://open.spotify.com/show/3Lh7Pzq...
- Google: https://podcasts.google.com/feed/aHR0...
- Breaker: https://www.breaker.audio/aws-bites
- RSS: https://anchor.fm/s/6a3312a0/podcast/rss
Do you have any AWS questions you would like us to address?
Leave a comment here or connect with us on Twitter:
- https://twitter.com/eoins
- https://twitter.com/loige