| Track: | |
|---|---|
| When: | Wed PM-1 |
| Where: | Portland |
| Organizers | Giorgio Bonfiglio Giorgio Bonfiglio , James Wharton James Wharton |
| Participants | Andrew Johnstone Andrew Johnstone , John Killilea John Killilea , Vladimir Voskresenskiy Vladimir Voskresenskiy , Jaimen Lathia Jaimen Lathia , Chris Allen Chris Allen , Simon Pavillon Simon Pavillon , Stephen de Vries Stephen de Vries , Mario Platt Mario Platt , Aurelijus Stanislovaitis Aurelijus Stanislovaitis , Daniel Garcia (cr0hn) Daniel Garcia (cr0hn) , Francois Raynaud Francois Raynaud , Gabor Pek Gabor Pek , Giorgio Bonfiglio Giorgio Bonfiglio , Imran Mohammed A Imran Mohammed A , Paul Dubourg Paul Dubourg , Stu Hirst Stu Hirst , Thomas Franceschini Thomas Franceschini , Wayne Moore Wayne Moore |
| Remote Participants | Abhi Raj Abhi Raj , Anton Delsink Anton Delsink , Barbara Prevel Barbara Prevel , Lubo Vikev Lubo Vikev , Madhu Akula Madhu Akula , Mohanish Mahajan Mohanish Mahajan , Mustaqiim Muhar Mustaqiim Muhar , Sergio Issi Sergio Issi , Vandana Verma Vandana Verma |
Why
Because AWS Lambda lets us run code without provisioning or managing servers. What security risks are in place?
What
- How to do security reviews on code running on AWS Lambda?
- How to add Security to DevOps practices?
- How to detect malicious functions?
- What features are missing?
- Are users aware of existing features?
Outcomes
AWS Lambda Security Cheatsheet AWS Lambda Security To-Do scripts AWS Lambda Security Checklist
Who
The target audience for this Working Session is:
- AWS Security team
- AWS Lambda developers
- AWS Lamba users
Working materials
Here are the current ‘work in progress’ materials for this session (please add as much information as possible before the sessions)
Previous Summit Working Session
https://owaspsummit.org/Working-Sessions/Tools/AWS-Lambda-Security.html