The serverless intro
The security part
The closing demo
Physical Servers
On Premise
IaaS
Infrastructure
PaaS
Platform
SaaS FaaS
Software Function
1. Injection 1. Injection
2. Broken Authentication 2. Broken Authentication
3. Sensitive Data Exposure 3. Sensitive Data Exposure
4. XML External Entities (XXE) 4. XML External Entities (XXE)
5. Broken Access Control 5. Broken Access Control
6. Security Misconfiguration 6. Security Misconfiguration
7. Cross-Site Scripting (XXS) 7. Cross-Site Scripting (XXS)
8. Insecure Deserialization 8. Insecure Deserialization
9. Using Components with Known Vulnerabilities 9. Using Components with Known Vulnerabilities
10. Insufficient Logging & Monitoring 10. Insufficient Logging & Monitoring
Vulnerable OS dependencies
Denial of Service (DoS)
Long-lived compromised servers
Secure coding
Sanitize input