LASCON 2017 has ended
Thursday, October 26 • 2:00pm - 3:00pm
Serverless security: A pragmatic primer for builders and defenders

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
Serverless is the design pattern for writing applications at scale without the necessity of managing infrastructure. This is done across the continuum of cloud—from storage as a service to database as a service, but the center of serverless is functions as a service (FaaS). (Current FaaS offerings include AWS Lambda, Azure Functions, and Google Cloud Functions.) Now processes run for milliseconds before being destroyed and then get instantiated for subsequent requests.

Serverless adds simplicity and a new economic model to cloud computing, but it creates some unique security challenges. In serverless architectures, technologies like antivirus and intrusion detection become meaningless. James Wickett explores practical security approaches for serverless in four key areas—the software supply chain, the delivery pipeline, data flow, and attack detection—and examines how traditional approaches need to be adapted to serverless.

Even if you don’t have any experience with serverless, don’t worry; this session starts with the basics. You’ll learn what serverless is (hint: it’s still being defined) and practical patterns for serverless adoption.

avatar for James Wickett

James Wickett

Head of Research, Signal Sciences
James spends a lot of time at the intersection of the DevOps and Security communities. He works as Head of Research at Signal Sciences and is a supporter of the Rugged Software and DevSecOps movements. Seeing the gap in software testing, James founded an open source project, Gauntlt... Read More →

Thursday October 26, 2017 2:00pm - 3:00pm
Security Innovation Room

Attendees (12)