Tel Aviv, Israel
Feb 28, 2019 | By Ory Segal
PureSec recently joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. As part of this new partnership with the CSA, we are pleased to announce the release of a new serverless security guide titled “The 12 Most Critical Risks for Serverless Applications”
Feb 27, 2019 | By Ory Segal
AWS API Gateway enables developers to create, publish, maintain, monitor, and secure APIs. Together with AWS Lambda, API Gateway forms the app-facing part of the AWS serverless infrastructure. With AWS API Gateway, you can run a fully managed REST API that integrates with AWS Lambda functions to execute business logic.
Feb 12, 2019 | By PureSec Team
The cloud-security world entered a new age with the introduction of serverless computing. While developers quickly embrace serverless to rapidly build and deploy cloud applications, security and risk management leaders are lagging behind on their understanding of the security risks and best-practices.
Feb 8, 2019 | By Ory Segal
Here's a short blog post on design-for-failure, serverless scalability, App layer DoS and what happens when you rely on open source 3rd party libraries.
Jan 24, 2019 | By Ory Segal
Security is a shared responsibility between the cloud provider and the customer. This shared model can help relieve customer’s operational burden as cloud providers operate, manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates.
Feb 28, 2019 | By PureSec
Cloud Security Alliance (CSA) and PureSec Proudly Present: The Most Comprehensive Guide Covering the Top Potential Risks for Applications Built on Serverless Architectures and how to mitigate them.
Feb 25, 2019 | By PureSec
As many organizations are still exploring serverless architectures, or just making their first steps in the serverless world, we believe that this eBook is critical for their success in building robust, secure and reliable AWS Lambda based applications.
Feb 25, 2019 | By PureSec
We urge all organizations to adopt this document and use it during the process of designing, developing and testing serverless applications in order to minimize security risks. This document will be maintained and enhanced periodically based on input from the community, as well as research and analysis of the most common serverless architecture risks.
Sep 7, 2018 | By PureSec
Hacking serverless applications. This is a demo showing how an attacker exploits an RCE vulnerability in a serverless application, together with abusing over-privileged AWS IAM permissions on a DynamoDB table in order to exfiltrate sensitive data.
Aug 11, 2018 | By PureSec
Regain security control over your serverless runtime. FunctionShield is a 100% free security library that equips developers with the ability to easily enforce strict security controls on AWS Lambda function runtime.
Jul 6, 2018 | By PureSec
A 1:1 interview on serverless security with Yan Cui, Principal Engineer at DAZN and Ory Segal, CTO and co-founder at PureSec + A live demo of how to immunize a vulnerable serverless function against SQL Injection and data leakage with PureSec.