AWS Security Best Practices for API Gateway

AWS Security Best Practices for API Gateway

API Gateway Overview AWS API Gateway enables developers to create, publish, maintain, monitor, and secure APIs. Together with AWS Lambda, API Gateway forms the app-facing part of the AWS serverless infrastructure ...
AWS Security Groups: What They Are and How to Get the Most Out of Them

AWS Security Groups: What They Are and How to Get the Most Out of Them

AWS Security Groups are a flexible tool to help you secure your Amazon EC2 instances. AWS Security Groups are just one of several tools AWS offers to help you secure your cloud ...
AWS Lambda Security Best-Practices eBook

AWS Lambda Security Best-Practices eBook

PureSec releases a security awareness and education guide for organizations developing serverless applications on AWS Lambda As serverless adoption is expected to continue growing in 2019 and reach new audiences, PureSec sees ...
AWS Security Best Practices: Lambda DoS Mitigation Strategies

AWS Security Best Practices: Lambda DoS Mitigation Strategies

Overview How to avoid DoS and design resilient serverless applications is one of the most common topics we hear when discussing AWS Lambda security with organizations that are in the process of ...
AWS Security Best Practices: AWS Lambda Security - Design for Failure

AWS Security Best Practices: AWS Lambda Security – Design for Failure

For security experts, the terms “Remote Code Execution” (RCE) or “Arbitrary Code Execution” makes the hairs on the back of their neck stand on end. This is because RCE is among the ...
AWS Lambda Security Quick Guide

AWS Lambda Security Quick Guide

In January 2018, the world's first Serverless Security Top 10 guide was published. The guide was an effort lead by PureSec together with industry thought leaders, and covered topics such as AWS ...
AWS Security Best Practices: Config Rules for AWS Lambda Security

AWS Security Best Practices: Config Rules for AWS Lambda Security

AWS Config Overview When it comes to AWS services, in my mind, I generally divide them into two classes. You have the operative services such as Lambda, S3, and the rest of ...
Talking Serverless And AWS Lambda Security With Jeff Forristal

Talking Serverless And AWS Lambda Security With Jeff Forristal

Introduction In my previous blog interview with Jeremiah Grossman, I mentioned that throughout the years, I befriended a small group of people, with which every discussion is always intriguing, challenging and truly ...
22 Most Under-Used AWS Security Metrics

22 Most Under-Used AWS Security Metrics

22 AWS Security Pros Reveal the Most Underused/Under-Appreciated AWS Security Metrics AWS offers a variety of built-in security features that users can take advantage of, but it’s easy for users of all ...