SlideShare une entreprise Scribd logo

Serverless Security: What's Left to Protect?

Guy Podjarny
Guy Podjarny

Slides from my ServerlessConf Austin 2017. Serverless means handing off server management to the cloud platforms - along with their security risks. With the “pros” ensuring our servers are patched, what’s left for application owners to protect? As it turns out, quite a lot. This talk discusses the aspects of security serverless doesn’t solve, the problems it could make worse, and the tools and practices you can use to keep yourself safe

Technologie
1  sur  94
Télécharger pour lire hors ligne
snyk.io Serverless Security:
 What’s Left to Protect? Guy Podjarny, Snyk @guypod
snyk.io About Me • Guy Podjarny, @guypod on Twitter • CEO & Co-founder at Snyk • History: • Cyber Security part of Israel Defense Forces • First Web App Firewall (AppShield), Dynamic/Static Tester (AppScan) • Security: Worked in Sanctum -> Watchfire -> IBM • Performance: Founded Blaze -> CTO @Akamai • O’Reilly author, speaker
snyk.io Serverless
 Changes Security
snyk.io Serverless Is… Better for some security concerns Neutral for some security concerns Worse for some security concerns
snyk.io When is Serverless 
 Better for Security?
snyk.io Serverless has no Servers! (that you manage and secure)
snyk.io Vulnerable
 OS Dependencies “patching”your servers Less need to worry about…
snyk.io Verizon:
 “Most attacks exploit known vulnerabilities that have never been patched despite patches being available for months, or even years”
snyk.io Symantec: 
 “Through 2020, 99% of vulnerabilities exploited will continue to be ones known by security and IT professionals for at least one year”
snyk.io With Serverless, it’s the
 platform’s responsibility And it’s the platform operators core competency
snyk.io FaaS ~= PaaS FaaS naturally relies less on OS dependencies
snyk.io Denial of Service Less need to worry about…
snyk.io DoS means a stream of
 specific “heavy”requests
 take down server(s)(e.g. ReDoS). In FaaS, there is no long standing server to take down
snyk.io Auto Scale FTW! Deal with bad demand just like dealing with good demand
snyk.io Caveat: 
 Concurrent execution limit AWS Lambda default limit 600 concurrent function executions
snyk.io Caveat: 
 Your bill You still pay for extra traffic…
snyk.io Caveat: 
 Limited in size 100Gbps attack will still take you down…
 Consider a DDoS protection solution too.
snyk.io Long-lived Compromised Servers Less need to worry about…
snyk.io Attackers penetrate 
 in stages
snyk.io Attackers like to lay in wait
snyk.io FaaS forces Statelessness -
 including bad state Attackers need to repeat attacks many times, risking detection & remediation
snyk.io Caveat: 
 Containers may be reused Avoid private data in /tmp/
snyk.io FaaS > PaaS PaaS Servers are managed, but still live longer
snyk.io Security in Serverless Vulnerable OS Dependencies Denial of Service Long-lived Compromised Servers Better
snyk.io So attackers will go… ¯_(ツ)_/¯ Right?
snyk.io When is Serverless 
 Neutral for Security?
snyk.io Permissions and authorization Still need to worry about…
snyk.io Who can invoke your function?
snyk.io Who can access code & 
 env vars for your function?
snyk.io If your function was compromised, what can it do?
snyk.io AWS Security Policy Easier Policy 3Policy 2 Policy 1 Safer
snyk.io Keep your policies granular
snyk.io Use Least Privilege Principle
snyk.io Adding permissions is easy.
 Removing permissions is hard
snyk.io Serverless is a bit better
 for authorization if managed properly, which it often isn’t
snyk.io Securing Data (at rest) Still need to worry about…
snyk.io FaaS apps still store data and that data can be stolen or tampered with
snyk.io FaaS means more state 
 outside the server can no longer keep sensitive data “on the machine”
snyk.io FaaS allows more granular
 data access controls Control which functions can access which data
snyk.io Tips & Tricks • Encrypt all sensitive persistent data • Encrypt all sensitive off-box state data • Minimize functions that can access each data store • Use separate DB credentials per function • And control what these credentials should do • Monitor which functions are accessing which data
snyk.io Vulnerabilities in 
 Your Code Still need to worry about…
snyk.io Serverless doesn’t protect
 the Application Layer
snyk.io SQL Injection Cross Site Scripting Remote Command Execution Cross Site Request Forgery Bad auth logic …
snyk.io https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project
snyk.io App Sec Tips • Dynamic App Sec Testing (e.g. OWASP Zap) • Static App Sec Testing (e.g. Codiscope Jacks) • Standardize input processing to include sanitization • Make API Gateway models as strict as possible • Secure each function independently
snyk.io Vulnerable
 Application Dependencies Still need to worry about…
snyk.io Serverless functions use
 Application Dependencies npm, Maven, PyPI, nuget…
snyk.io For many functions, the majority 
 of code is dependencies 3rd party code can hold vulnerabilities just like 1st party code
snyk.io Example: Fetch file & store in s3 (Serverless Framework Example) 19 Lines of Code 2 Direct dependencies 19 dependencies (incl. indirect) 191,155 Lines of Code
snyk.io More code ~= 
 More Vulnerabilities
snyk.io Over time, dependencies grow
 stale & vulnerable
snyk.io The platform manages 
 OS Dependencies.
 
 You need to manage 
 App Dependencies.
snyk.io Announcing
 Snyk for Serverless! Continuously monitor for vulnerable dependencies in your functions (and PaaS apps)
snyk.io Snyk for Serverless!
 (and PaaS)
snyk.io Snyk for Serverless!
 (and PaaS)
snyk.io Snyk for Serverless!
 (and PaaS)
snyk.io Snyk for Serverless!
snyk.io Security in Serverless Vulnerabilities in your code Vulnerable App Dependencies Permissions Securing Data at rest Vulnerable OS Dependencies Denial of Service Long-lived Compromised Servers Better Neutral
snyk.io Neutral ~= Worse By eliminating some threats, 
 Serverless shifts attacker attention to what’s left
snyk.io When is Serverless 
 Worse for Security?
snyk.io Serverless doesn’t create 
 new security problems.
snyk.io Serverless means more… 
 Independent Services Flexible Interfaces Use of 3rd party services including the risks that entails!
snyk.io Third Party Services and securing data in transit More need to worry about…
snyk.io What data are you sharing? and how well does the other service manage it? For each service, worry about…
snyk.io Is data in transit secured? Is it using HTTPS? Is it within a VPC? Is it encrypted? For each service, worry about…
snyk.io Who are you talking to? You use an API key, but how do you authenticate them?
 Validate HTTPS cert, especially when exiting your network For each service, worry about…
snyk.io Do you trust its responses? If the other service is compromised, can it be used to get to you? For each service, worry about…
snyk.io How to store API keys? Be sure to use a KMS and Env Variables! For each service, worry about…
snyk.io For each service, worry about… • What data are you sharing? • Is data in transit secured? • Who are you talking to? • Do you trust its responses? • How to store API keys?
snyk.io Worry about 
 1st party services too! Don’t let your least secure function take down the system
snyk.io Tools?
snyk.io Attack Surface mo’ functions, mo’ problems More need to worry about…
snyk.io Serverless -> Granularity ->
 Flexibility
snyk.io Flexibility -> Risk Harder to define what’s “right”, more use-cases to abuse
snyk.io A function is a perimeter That needs to be secured Perimeter Perimeter Perimeter Perimeter Perimeter
snyk.io Tips & Tricks • Test every function for security flaws, independently • Don’t rely on limiting access to a function • Access controls will change over time, without code changes • Use shared input/output processing libraries • Make it easier to process input securely than insecurely • Limit functionality to what you actually need • Sometimes you need to work more to let functions do less • Monitor both individual functions and full flows
snyk.io Security Monitoring mo’ functions, mo’ problems More need to worry about…
snyk.io Why NOT
 deploy a function? Super easy, (effectively)zero cost
snyk.io Easy deployment + min cost = LOTS of functions Many of which are lightly used
snyk.io Easy to add,
 Hard to remove
snyk.io Policies tend to expand… Expanding is easy, contracting is hard
snyk.io LOTS of functions,
 many of which are lightly used,
 with overly open policies… our future?
snyk.io Every Function 
 introduces Risk
snyk.io No ops cost != 
 No cost of ownership Risk & Management costs still exist
snyk.io Tips & Tricks • Consider before you deploy. Do you need this? • Separate networks/accounts for groups of functions • Track what you have deployed, and how it’s used • Minimize permissions up front • Chaos-style reduce permissions and see what breaks • Monitor for known vulnerabilities in functions
snyk.io Monitor for Vulnerable
 App Dependencies
snyk.io Security in Serverless Vulnerabilities in your code Vulnerable App Dependencies Permissions Securing Data at rest Vulnerable OS Dependencies Denial of Service Long-lived Compromised Servers Third Party Services Attack Surface Security Monitoring Better Neutral Worse
snyk.io Summary
snyk.io Serverless dramatically reduces some top security threats
snyk.io But…
snyk.io Security is hard - 
 and attackers don’t give up
snyk.io Serverless shuffle 
 security priorities Previously easy attacks are now hard.
 Attackers will move on to the next item on the list

snyk.io Security in Serverless Vulnerabilities in your code Vulnerable App Dependencies Permissions Securing Data at rest Vulnerable OS Dependencies Denial of Service Long-lived Compromised Servers Third Party Services Attack Surface Security Monitoring Better Neutral Worse
snyk.io Serverless is defined now.
 Let’s build Security in. Thank You! Guy Podjarny, Snyk @guypod

Recommandé

Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
 
Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionYour First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionAmazon Web Services
 
Jump Start your First Hour with AWS
Jump Start your First Hour with AWSJump Start your First Hour with AWS
Jump Start your First Hour with AWSAmazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Deep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingDeep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingAmazon Web Services
 
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...Accelerating and Securing your Applications in AWS. In-depth look at Solving ...
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...Amazon Web Services
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 

Recommandé

Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
 
Your First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionYour First Hour on AWS: Building the Foundation for Large Scale AWS Adoption
Your First Hour on AWS: Building the Foundation for Large Scale AWS AdoptionAmazon Web Services
 
Jump Start your First Hour with AWS
Jump Start your First Hour with AWSJump Start your First Hour with AWS
Jump Start your First Hour with AWSAmazon Web Services
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 
Deep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingDeep Dive on Elastic Load Balancing
Deep Dive on Elastic Load BalancingAmazon Web Services
 
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...Accelerating and Securing your Applications in AWS. In-depth look at Solving ...
Accelerating and Securing your Applications in AWS. In-depth look at Solving ...Amazon Web Services
 
The Psychology of Security Automation
The Psychology of Security AutomationThe Psychology of Security Automation
The Psychology of Security AutomationJason Chan
 
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...Amazon Web Services
 
Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
Aws security overview q3 2010 v2
Aws security overview q3 2010 v2Aws security overview q3 2010 v2
Aws security overview q3 2010 v2ReadMaloney
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive Amazon Web Services
 
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...Amazon Web Services
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
 
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityKeynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityCloudVillage
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at NetflixJason Chan
 
Netflix security monkey overview
Netflix security monkey overviewNetflix security monkey overview
Netflix security monkey overviewRyan Hodgin
 
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...Amazon Web Services
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013Amazon Web Services
 
Serverless security: defense against the dark arts
Serverless security: defense against the dark artsServerless security: defense against the dark arts
Serverless security: defense against the dark artsYan Cui
 
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...Amazon Web Services
 
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Amazon Web Services
 
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...Amazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS Amazon Web Services
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to MicroservicesAmazon Web Services
 
Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?Benny Bauer
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017James Wickett
 

Contenu connexe

Tendances

Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...Amazon Web Services
 
Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)Amazon Web Services
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the CloudAmazon Web Services
 
Aws security overview q3 2010 v2
Aws security overview q3 2010 v2Aws security overview q3 2010 v2
Aws security overview q3 2010 v2ReadMaloney
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive Amazon Web Services
 
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...Amazon Web Services
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
 
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityKeynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityCloudVillage
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at NetflixJason Chan
 
Netflix security monkey overview
Netflix security monkey overviewNetflix security monkey overview
Netflix security monkey overviewRyan Hodgin
 
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...Amazon Web Services
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedJason Chan
 
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013Amazon Web Services
 
Serverless security: defense against the dark arts
Serverless security: defense against the dark artsServerless security: defense against the dark arts
Serverless security: defense against the dark artsYan Cui
 
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...Amazon Web Services
 
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Amazon Web Services
 
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...Amazon Web Services
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS Amazon Web Services
 

Tendances (20)

Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...
 
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
You Can’t Protect What You Can’t See: AWS Security Monitoring & Compliance Va...
 
Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)Deep Dive: AWS CloudHSM (Classic)
Deep Dive: AWS CloudHSM (Classic)
 
(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud(SEC202) Best Practices for Securely Leveraging the Cloud
(SEC202) Best Practices for Securely Leveraging the Cloud
 
Aws security overview q3 2010 v2
Aws security overview q3 2010 v2Aws security overview q3 2010 v2
Aws security overview q3 2010 v2
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive
 
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options
 
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates SecurityKeynote - Cloudy Vision: How Cloud Integration Complicates Security
Keynote - Cloudy Vision: How Cloud Integration Complicates Security
 
Cloud Security at Netflix
Cloud Security at NetflixCloud Security at Netflix
Cloud Security at Netflix
 
Netflix security monkey overview
Netflix security monkey overviewNetflix security monkey overview
Netflix security monkey overview
 
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
AWS re:Invent 2016: [JK REPEAT] Serverless Architectural Patterns and Best Pr...
 
Cloud Application Security: Lessons Learned
Cloud Application Security: Lessons LearnedCloud Application Security: Lessons Learned
Cloud Application Security: Lessons Learned
 
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
Intrusion Detection in the Cloud (SEC402) | AWS re:Invent 2013
 
Serverless security: defense against the dark arts
Serverless security: defense against the dark artsServerless security: defense against the dark arts
Serverless security: defense against the dark arts
 
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
AWS re:Invent 2016: Securing Serverless Architectures, and API Filtering at L...
 
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013
 
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
AWS re:Invent 2016: Robots: The Fading Line Between Real and Virtual Worlds (...
 
Network Security and Access Control within AWS
Network Security and Access Control within AWS Network Security and Access Control within AWS
Network Security and Access Control within AWS
 
Introduction to Microservices
Introduction to MicroservicesIntroduction to Microservices
Introduction to Microservices
 

En vedette

Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?Benny Bauer
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017James Wickett
 
Liquid Day - Serverless
Liquid Day - ServerlessLiquid Day - Serverless
Liquid Day - ServerlessSoftware Guru
 
Serverless Security Automation | AWS Public Sector Summit 2017
Serverless Security Automation | AWS Public Sector Summit 2017Serverless Security Automation | AWS Public Sector Summit 2017
Serverless Security Automation | AWS Public Sector Summit 2017Amazon Web Services
 
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...Serverless Design Patterns for Rethinking Traditional Enterprise Application ...
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...Amazon Web Services
 
Security Best Practices for Serverless Applications - July 2017 AWS Online T...
Security Best Practices for Serverless Applications - July 2017 AWS Online T...Security Best Practices for Serverless Applications - July 2017 AWS Online T...
Security Best Practices for Serverless Applications - July 2017 AWS Online T...Amazon Web Services
 
Serverless by Example: Building a Real-Time Chat System
Serverless by Example: Building a Real-Time Chat SystemServerless by Example: Building a Real-Time Chat System
Serverless by Example: Building a Real-Time Chat SystemAmazon Web Services
 
Serverless Architectural Patterns and Best Practices
Serverless Architectural Patterns and Best PracticesServerless Architectural Patterns and Best Practices
Serverless Architectural Patterns and Best PracticesAmazon Web Services
 

En vedette (8)

Serverless - When to FaaS?
Serverless - When to FaaS?Serverless - When to FaaS?
Serverless - When to FaaS?
 
Serverless Security at LASCON 2017
Serverless Security at LASCON 2017Serverless Security at LASCON 2017
Serverless Security at LASCON 2017
 
Liquid Day - Serverless
Liquid Day - ServerlessLiquid Day - Serverless
Liquid Day - Serverless
 
Serverless Security Automation | AWS Public Sector Summit 2017
Serverless Security Automation | AWS Public Sector Summit 2017Serverless Security Automation | AWS Public Sector Summit 2017
Serverless Security Automation | AWS Public Sector Summit 2017
 
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...Serverless Design Patterns for Rethinking Traditional Enterprise Application ...
Serverless Design Patterns for Rethinking Traditional Enterprise Application ...
 
Security Best Practices for Serverless Applications - July 2017 AWS Online T...
Security Best Practices for Serverless Applications - July 2017 AWS Online T...Security Best Practices for Serverless Applications - July 2017 AWS Online T...
Security Best Practices for Serverless Applications - July 2017 AWS Online T...
 
Serverless by Example: Building a Real-Time Chat System
Serverless by Example: Building a Real-Time Chat SystemServerless by Example: Building a Real-Time Chat System
Serverless by Example: Building a Real-Time Chat System
 
Serverless Architectural Patterns and Best Practices
Serverless Architectural Patterns and Best PracticesServerless Architectural Patterns and Best Practices
Serverless Architectural Patterns and Best Practices
 

Similaire à Serverless Security: What's Left to Protect?

Serverless Security: What's Left To Protect
Serverless Security: What's Left To ProtectServerless Security: What's Left To Protect
Serverless Security: What's Left To ProtectGuy Podjarny
 
Securing Serverless - By Breaking In
Securing Serverless - By Breaking InSecuring Serverless - By Breaking In
Securing Serverless - By Breaking InGuy Podjarny
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021lior mazor
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecLalit Kale
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombPriyanka Aash
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security PresentationSimplex
 
Jobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to SecurityJobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to SecurityTheodore Kim
 
Securing Underprotected APIs - Deja vu Security
Securing Underprotected APIs - Deja vu SecuritySecuring Underprotected APIs - Deja vu Security
Securing Underprotected APIs - Deja vu SecurityDeja vu Security
 
AusCERT - Developing Secure iOS Applications
AusCERT - Developing Secure iOS ApplicationsAusCERT - Developing Secure iOS Applications
AusCERT - Developing Secure iOS Applicationseightbit
 
iOS Application Security.pdf
iOS Application Security.pdfiOS Application Security.pdf
iOS Application Security.pdfRavi Aggarwal
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCanSecWest
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryPriyanka Aash
 
Application Security within Agile
Application Security within AgileApplication Security within Agile
Application Security within AgileNetlight Consulting
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataPrecisely
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataPrecisely
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15Ed Bellis
 
apidays New York 2023 - Putting yourself out there - how to secure your publi...
apidays New York 2023 - Putting yourself out there - how to secure your publi...apidays New York 2023 - Putting yourself out there - how to secure your publi...
apidays New York 2023 - Putting yourself out there - how to secure your publi...apidays
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Sqreen
 

Similaire à Serverless Security: What's Left to Protect? (20)

Serverless Security: What's Left To Protect
Serverless Security: What's Left To ProtectServerless Security: What's Left To Protect
Serverless Security: What's Left To Protect
 
Securing Serverless - By Breaking In
Securing Serverless - By Breaking InSecuring Serverless - By Breaking In
Securing Serverless - By Breaking In
 
Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021Application security meetup k8_s security with zero trust_29072021
Application security meetup k8_s security with zero trust_29072021
 
For Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSecFor Business's Sake, Let's focus on AppSec
For Business's Sake, Let's focus on AppSec
 
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
apidays LIVE Paris - Serverless security: how to protect what you don't see? ...
 
RIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob HolcombRIoT (Raiding Internet of Things) by Jacob Holcomb
RIoT (Raiding Internet of Things) by Jacob Holcomb
 
Cisco Security Presentation
Cisco Security PresentationCisco Security Presentation
Cisco Security Presentation
 
Jobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to SecurityJobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to Security
 
Securing Underprotected APIs - Deja vu Security
Securing Underprotected APIs - Deja vu SecuritySecuring Underprotected APIs - Deja vu Security
Securing Underprotected APIs - Deja vu Security
 
AusCERT - Developing Secure iOS Applications
AusCERT - Developing Secure iOS ApplicationsAusCERT - Developing Secure iOS Applications
AusCERT - Developing Secure iOS Applications
 
Hacking Mobile Apps
Hacking Mobile AppsHacking Mobile Apps
Hacking Mobile Apps
 
iOS Application Security.pdf
iOS Application Security.pdfiOS Application Security.pdf
iOS Application Security.pdf
 
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoTCSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
CSW2017 Yuhao song+Huimingliu cyber_wmd_vulnerable_IoT
 
Abusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec gloryAbusing bleeding edge web standards for appsec glory
Abusing bleeding edge web standards for appsec glory
 
Application Security within Agile
Application Security within AgileApplication Security within Agile
Application Security within Agile
 
Controlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and DataControlling Access to IBM i Systems and Data
Controlling Access to IBM i Systems and Data
 
Expand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and DataExpand Your Control of Access to IBM i Systems and Data
Expand Your Control of Access to IBM i Systems and Data
 
Security as Code: DOES15
Security as Code: DOES15Security as Code: DOES15
Security as Code: DOES15
 
apidays New York 2023 - Putting yourself out there - how to secure your publi...
apidays New York 2023 - Putting yourself out there - how to secure your publi...apidays New York 2023 - Putting yourself out there - how to secure your publi...
apidays New York 2023 - Putting yourself out there - how to secure your publi...
 
Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?Serverless security - how to protect what you don't see?
Serverless security - how to protect what you don't see?
 

Plus de Guy Podjarny

Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Guy Podjarny
 
Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)Guy Podjarny
 
Stranger Danger: Securing Third Party Components (Tech2020)
Stranger Danger: Securing Third Party Components (Tech2020)Stranger Danger: Securing Third Party Components (Tech2020)
Stranger Danger: Securing Third Party Components (Tech2020)Guy Podjarny
 
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)Guy Podjarny
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)Guy Podjarny
 
High Performance Images: Beautiful Shouldn't Mean Slow
High Performance Images: Beautiful Shouldn't Mean SlowHigh Performance Images: Beautiful Shouldn't Mean Slow
High Performance Images: Beautiful Shouldn't Mean SlowGuy Podjarny
 
Responsive In The Wild, 2014
Responsive In The Wild, 2014Responsive In The Wild, 2014
Responsive In The Wild, 2014Guy Podjarny
 
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)Guy Podjarny
 
Rules driven-delivery
Rules driven-deliveryRules driven-delivery
Rules driven-deliveryGuy Podjarny
 
Responsive In The Wild (SmashingConf, 2014)
Responsive In The Wild (SmashingConf, 2014)Responsive In The Wild (SmashingConf, 2014)
Responsive In The Wild (SmashingConf, 2014)Guy Podjarny
 
Putting Your Images on a Diet (SmashingConf, 2014)
Putting Your Images on a Diet (SmashingConf, 2014)Putting Your Images on a Diet (SmashingConf, 2014)
Putting Your Images on a Diet (SmashingConf, 2014)Guy Podjarny
 
Third party-performance (Airbnb Nerds, Nov 2013)
Third party-performance (Airbnb Nerds, Nov 2013)Third party-performance (Airbnb Nerds, Nov 2013)
Third party-performance (Airbnb Nerds, Nov 2013)Guy Podjarny
 
Third Party Performance
Third Party PerformanceThird Party Performance
Third Party PerformanceGuy Podjarny
 
A Picture Costs A Thousand Words
A Picture Costs A Thousand WordsA Picture Costs A Thousand Words
A Picture Costs A Thousand WordsGuy Podjarny
 
Step by Step Mobile Optimization
Step by Step Mobile OptimizationStep by Step Mobile Optimization
Step by Step Mobile OptimizationGuy Podjarny
 
Quantifying The Mobile Difference
Quantifying The Mobile DifferenceQuantifying The Mobile Difference
Quantifying The Mobile DifferenceGuy Podjarny
 
Performance Implications of Mobile Design (Perf Audience Edition)
Performance Implications of Mobile Design (Perf Audience Edition)Performance Implications of Mobile Design (Perf Audience Edition)
Performance Implications of Mobile Design (Perf Audience Edition)Guy Podjarny
 
Performance Implications of Mobile Design
Performance Implications of Mobile DesignPerformance Implications of Mobile Design
Performance Implications of Mobile DesignGuy Podjarny
 
Unravelling Mobile Web Performance
Unravelling Mobile Web PerformanceUnravelling Mobile Web Performance
Unravelling Mobile Web PerformanceGuy Podjarny
 
State Of Mobile Web Performance
State Of Mobile Web PerformanceState Of Mobile Web Performance
State Of Mobile Web PerformanceGuy Podjarny
 

Plus de Guy Podjarny (20)

Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)Secure Node Code (workshop, O'Reilly Security)
Secure Node Code (workshop, O'Reilly Security)
 
Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)Stranger Danger (NodeSummit, 2016)
Stranger Danger (NodeSummit, 2016)
 
Stranger Danger: Securing Third Party Components (Tech2020)
Stranger Danger: Securing Third Party Components (Tech2020)Stranger Danger: Securing Third Party Components (Tech2020)
Stranger Danger: Securing Third Party Components (Tech2020)
 
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)
High Performance Images: Beautiful Shouldn't Mean Slow (Velocity EU 2015)
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
 
High Performance Images: Beautiful Shouldn't Mean Slow
High Performance Images: Beautiful Shouldn't Mean SlowHigh Performance Images: Beautiful Shouldn't Mean Slow
High Performance Images: Beautiful Shouldn't Mean Slow
 
Responsive In The Wild, 2014
Responsive In The Wild, 2014Responsive In The Wild, 2014
Responsive In The Wild, 2014
 
Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)Third Party Performance (Velocity, 2014)
Third Party Performance (Velocity, 2014)
 
Rules driven-delivery
Rules driven-deliveryRules driven-delivery
Rules driven-delivery
 
Responsive In The Wild (SmashingConf, 2014)
Responsive In The Wild (SmashingConf, 2014)Responsive In The Wild (SmashingConf, 2014)
Responsive In The Wild (SmashingConf, 2014)
 
Putting Your Images on a Diet (SmashingConf, 2014)
Putting Your Images on a Diet (SmashingConf, 2014)Putting Your Images on a Diet (SmashingConf, 2014)
Putting Your Images on a Diet (SmashingConf, 2014)
 
Third party-performance (Airbnb Nerds, Nov 2013)
Third party-performance (Airbnb Nerds, Nov 2013)Third party-performance (Airbnb Nerds, Nov 2013)
Third party-performance (Airbnb Nerds, Nov 2013)
 
Third Party Performance
Third Party PerformanceThird Party Performance
Third Party Performance
 
A Picture Costs A Thousand Words
A Picture Costs A Thousand WordsA Picture Costs A Thousand Words
A Picture Costs A Thousand Words
 
Step by Step Mobile Optimization
Step by Step Mobile OptimizationStep by Step Mobile Optimization
Step by Step Mobile Optimization
 
Quantifying The Mobile Difference
Quantifying The Mobile DifferenceQuantifying The Mobile Difference
Quantifying The Mobile Difference
 
Performance Implications of Mobile Design (Perf Audience Edition)
Performance Implications of Mobile Design (Perf Audience Edition)Performance Implications of Mobile Design (Perf Audience Edition)
Performance Implications of Mobile Design (Perf Audience Edition)
 
Performance Implications of Mobile Design
Performance Implications of Mobile DesignPerformance Implications of Mobile Design
Performance Implications of Mobile Design
 
Unravelling Mobile Web Performance
Unravelling Mobile Web PerformanceUnravelling Mobile Web Performance
Unravelling Mobile Web Performance
 
State Of Mobile Web Performance
State Of Mobile Web PerformanceState Of Mobile Web Performance
State Of Mobile Web Performance
 

Dernier

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CVKhem
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 

Dernier (20)

A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

Serverless Security: What's Left to Protect?