Learning Serverless Security

Despite the increased adoption of serverless computing services around the world, a big gap still exists when it comes to serverless security knowledge and expertise. This gap comes with a steep price: the increased risk of data breaches as more companies store their data in the cloud.This practical guide covers the relevant offensive and defensive security techniques to audit and secure serverless applications running on AWS, Azure, and Google Cloud. You'll learn how to attack and defend a variety of vulnerable serverless applications using the step-by-step instructions. By the end of this book, you'll have a solid understanding on how to prevent a variety of serverless application attacks and privilege escalation techniques.Author Joshua Arvin Lat, chief technology officer at NuWorks Interactive Labs and AWS Machine Learning Hero, shows you how to:Identify and exploit vulnerabilities within modern serverless applicationsPerform privilege escalation techniques in cloud environmentsUse automated tools and services for offensive and defensive securityConfigure authentication and identity services properly on AWS, Azure, and Google CloudImplement security strategies and best practices to prevent a variety of serverless application attacksAudit serverless environments using a variety of security tools and frameworks