Not your server, but still your code


Serious attention is being paid to Serverless and Functions as a Service (FaaS) through open source offerings like OpenWhisk and paid offerings from AWS Lambda, Google Cloud Functions and Azure Compute. The growth of serverless adoption has been exponential for some time now, enough so to warrant some introspection from a security practitioner's perspective. This talk examines the shift from traditional security to cloud and serverless security models.


Get prepared to see how a security professional can prepare for technologies that enable  business cultures to break down silos and democratize security across the organization. Even if you are completely new to serverless, this talk will get you up-to-speed and ready to understand how securities role within an organization changes under these new models.


Along the way we will be looking at some example attack vectors for serverless applications.

Ballroom A
Sunday, March 11, 2018 - 15:00 to 16:00