Serverless Development And Its Uncommon API Security

Matteo Rosi
Matteo Rosi Contrast Security

While Serverless code contains a mixture of cloud configurations and application programming interfaces (API) calls, legacy security solutions lack the context that is necessary in a serverless environment, and the consequence is a lack of observability and slower response times. This means that the security teams struggle to keep up with the speed of development and the security is left behind. Attackers, on the other-hand, take advantage of these uncharted waters to exploit serverless environments in the wild. In most cases we don’t even hear about it because no one knows before something really bad happens.

In this talk, we will discuss common risks and challenges in serverless environments as well as new attack vectors and common techniques attackers use to exploit Serverless applications. These include uncommon Cloud APIs, such as Emails, Storage and even Voice-to-Text, that if not protected correctly could lead into a cloud disaster.

Smarter Tech Decisions Using APIs

Smarter Tech Decisions Using APIs

API blog

High impact blog posts and eBooks on API business models, and tech advice

API conferences

Connect with market leading platform creators at our events

API community

Join a helpful community of API practitioners

API Insights Straight to Your Inbox!

Can't make it to the event? Signup to the Nordic APIs newsletter for quality content. High impact blog posts on API business models and tech advice.

Join Our Thriving Community

Become a part of our global community of API practitioners and enthusiasts. Share your insights on the blog, speak at an event or exhibit at our conferences and create new business relationships with decision makers and top influencers responsible for API solutions.