The Evolution of Application Security In The Serverless World

With developers more empowered than ever and infrastructure abstracted away, what is the new role of application security? We sat down with Amit Klein, who is considered by many to be one of the founding fathers of modern application security, to talk about how the move to serverless architectures, microservices, ... Read More

The 12 Most Critical Risks for Serverless Applications 2019 Guide

PureSec recently joined the Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. As part of this new partnership with the CSA, we are pleased to announce the release of a new serverless security ... Read More

AWS Security Best Practices for API Gateway

API Gateway Overview AWS API Gateway enables developers to create, publish, maintain, monitor, and secure APIs. Together with AWS Lambda, API Gateway forms the app-facing part of the AWS serverless infrastructure ... Read More

Serverless Security And The Weakest Link (Or How Not to Get Nuked by App-DoS)

Here's a short blog post on design-for-failure, serverless scalability, App layer DoS and what happens when you rely on open source 3rd party libraries ... Read More

Serverless And The Evolution In Cloud Security, How FaaS Differs From IaaS

Security is a shared responsibility between the cloud provider and the customer. This shared model can help relieve customer’s operational burden as cloud providers operate, manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service ... Read More

OWASP ‘ServerlessGoat’: A Vulnerable Demo Serverless Application

Throughout the years, the concept of creating vulnerable applications for learning and demonstrating application security concepts has become common practice . Years ago, OWASP launched the WebGoat project, which has since become the gold standard and to this day is still one of the most popular platforms for teaching web ... Read More

Google Cloud Functions Security: Now With FunctionShield Protection

Overview From the early days of PureSec, we’ve been talking about the fact that our technology was designed to be cross-platform, allowing it to run in any kind of serverless environment. PureSec customers can already deploy our serverless security solution for AWS Lambda and Azure Functions, and as of today, ... Read More