Today we are announcing general availability of our serverless security platform. We would like to thank all of our design partners and beta customers for supporting us since we started building our product in October 2016.
The PureSec Serverless Security Platform provides comprehensive threat protection for serverless architectures. Since the beta program launched in April 2018, we are already protecting customers with more than 2.5 billion monthly serverless function executions.
The adoption of serverless architectures on cloud providers like AWS Lambda and Microsoft Azure is growing exponentially, at an estimated rate of 700% a year. Organizations adopting serverless are still responsible for designing robust applications, and making sure that application code doesn’t introduce application-layer vulnerabilities. However, since organizations that use serverless architectures do not have access to the physical (or virtual) server or its operating system, they cannot deploy traditional security layers such as endpoint protection, host-based intrusion prevention, web application firewalls, or RASP (runtime application self-protection) solutions.
PureSec’s Serverless Security Platform is designed exclusively for serverless applications and defends against application-layer attacks such as NoSQL/SQL injections, remote code execution, attempts to subvert function logic and unauthorized malicious actions.
Key capabilities include:
- Fully automated & customizable serverless runtime file-system hardening, process execution monitoring and network access controls
- Serverless application firewall, capable of detecting and preventing event-based injection attacks (such as SQL Injection, XSS, Local File Inclusion, Runtime Code Injection, etc.)
- Intelligent machine-learning based behavioral protection engine, capable of detecting unknown attacks and 0-days
- Unparalleled visibility & control through a SaaS dashboard
- Serverless-centric static analysis for detecting & mitigating vulnerabilities during the CI/CD. The analyzer can detect & fix over-privileged IAM roles and permissions, known vulnerabilities in 3rd party libraries, and detect application secrets stored insecurely in the code
- Hassle-free deployment process – from zero to secure within 15 minutes
- Seamless integration into any CI/CD environment
- Seamless integration with cloud-native logging facilities, Splunk and other SIEMs
- 100% serverless deployment model – no infrastructure, servers or cloud instances needed
And in the words of our customers:
“Skyline AI is a real estate investment technology using proprietary artificial intelligence to outperform commercial real estate investment benchmarks. Our clients invest billions of dollars in real estate and thus keeping up with the latest security and privacy protection measures is something that is always on the top of our list. PureSec developed a revolutionary solution for serverless security, which was simple to install, and allowed us to protect our serverless functions within minutes. From the moment we deployed the PureSec platform, we were able to monitor our serverless functions with unparalleled visibility, which we never had before.” Or Hiltch, Co-Founder & CTO at Skyline AI
Get PureSec: HERE
Ory Segal, our CTO is running a webinar with a walk-through and a product demo, to attend the live session & Q&A register: here
*** This is a Security Bloggers Network syndicated blog from PureSec Blog (Launch) authored by PureSec Team. Read the original post at: https://www.puresec.io/blog/puresec-is-now-generally-available