preview

Serverless Research Paper

Good Essays

Securing Serverless - Q&A With Protego CTO Hillel Solow
Serverless computing is the ultimate reduction in security attack surface. There is no computer, virtual machine, container infrastructure or network service to attack - just your code and the potential of a security issue introduced by mostly human configuration errors. As is tradition with our portfolio companies, I conducted an interview with the CTO of our serverless security investment, Protego Labs about how monitoring the security of a serverless infrastructure is different than traditional cyber security paradigms.
What changes in security does serverless bring?
First, there are areas where serverless makes security better almost immediately. For example, for the most part, shifting …show more content…

For example, a SQL injection technique might be used to steal 100 credit card numbers from the database. This attack is repeated as many thousands or millions of times as needed. Attacker take advantage of the nearly infinite transparent scaling of serverless to mitigate their inability to so a lot of damage in one shot.
Upstream attacks, where attackers leverage the fact that your code likely uses hundreds or even thousands of 3rd party modules. Attackers find modules where they can get their malicious code included in the published library, and wait for your developers to deploy their next version, at which point the malicious code is now persistent in your function.
Cloud infrastructure attacks, where the attacker tries to gain access directly to your cloud resources, such as the ability to launch containers, create functions or modify permissions. One common vector that is gaining momentum is where attackers find access keys to a cloud account that have been inadvertently posted somewhere on the internet, and use those to attack the cloud …show more content…

Protego Proact analyzes serverless applications continually during deployment and production, and detects any gaps in security posture, helping both SecOps and DevOps teams collaborate on remediating posture issues quickly.
Protego Observe analyzes real-time telemetry from application activity and logs, and isolates security events that require customer attention, collating small events across multiple resources into a single story.
Protego Posture ExplorerProtego Defend applies elastic defense to the application, meaning that it uses all the of the detailed data on posture and behavior to compile a highly customized security defense strategy for each part of the application, so that the minimum security overhead is incurred while defending the application.
Protego Application defenseWhat sort of feedback do these solutions give to AWS Lambda administrators and

Get Access