I Can't Be Hacked... I'm Serverless!

Presented at SAINTCON 2019, Oct. 23, 2019, 1 p.m. (240 minutes)

**Training is limited to 40 people. Training is first come first serve!!!** Nobody appreciates a good server anymore! Today's developers are increasingly likely to take advantage of the services offered by the myriad public cloud vendors. And it's no wonder; they can focus on their code rather than maintaining and scaling the environment it runs on. While these modern conveniences make offloading risk easy, though, it can be easy to forget that you're still writing code, and responsible for application security! Join me on a quest to understand the OWASP Top Ten list as it applies to serverless (FaaS) environments. Attendees can expect to: - Learn the OWASP Top Ten concepts - Understand those vulnerabilities within the context of AWS Lambda - Learn ways to prevent such vulnerabilities **Training is limited to 40 people. Training is first come first serve!!!**


  • Kevin Lustic - Adobe
    Kevin is an Information Security researcher in Utah, leading the Adobe Red Team in performing offensive security testing against Adobe's Digital Experience SaaS offerings. Prior to joining Adobe, Kevin spent five years in the Intelligence Community as a global network vulnerability analyst, cryptanalyst, and developer in various roles. He earned his Bachelor's degree in Mathematics from Ohio University, and a Master's degree in Cyberspace Operations from the Air Force Institute of Technology under a grant from the NSF.


Similar Presentations: