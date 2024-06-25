Book description
Despite the increased adoption of serverless computing services around the world, a big gap still exists when it comes to serverless security knowledge and expertise. This gap comes with a steep price: the increased risk of data breaches as more companies store their data in the cloud.
This practical guide covers the relevant offensive and defensive security techniques to audit and secure serverless applications running on AWS, Azure, and Google Cloud. You'll learn how to attack and defend a variety of vulnerable serverless applications using the step-by-step instructions. By the end of this book, you'll have a solid understanding on how to prevent a variety of serverless application attacks and privilege escalation techniques.
Author Joshua Arvin Lat, chief technology officer at NuWorks Interactive Labs, shows you how to:
- Identify and exploit vulnerabilities within modern serverless applications
- Perform privilege escalation techniques in cloud environments
- Use automated tools and services for offensive and defensive security
- Configure authentication and identity services properly on AWS, Azure, and Google Cloud
- Implement security strategies and best practices to prevent a variety of serverless application attacks
- Audit serverless environments using a variety of security tools and frameworks
Table of contents
- Preface
-
1. Introduction to Serverless Computing
- Demystifying Serverless Computing
-
Common Myths and Misconceptions on Serverless Computing
- Myth # 1: Serverless == FaaS
- Myth # 2: Serverless computing and containerization don’t work well together
- Myth # 3: Serverless applications only support a limited number of languages
- Myth # 4: Serverless applications are difficult to manage
- Myth # 5: Serverless applications are immune to security attacks
-
2. Understanding Serverless Architectures and Implementation Patterns
- Serverless Services in the Public Cloud
- Serverless Architectures and Common Implementation Patterns
- Development and Deployment Tools and Frameworks
Product information
- Title: Learning Serverless Security
- Author(s):
- Release date: June 2024
- Publisher(s): O'Reilly Media, Inc.
- ISBN: 9781098148997
