Episode 1: Security Challenges With The Growing World Of Serverless Functions

Episode 1 November 04, 2018 00:37:41
Episode 1: Security Challenges With The Growing World Of Serverless Functions
SilverLining IL
Episode 1: Security Challenges With The Growing World Of Serverless Functions
/

Hosted By

Moshe Ferber Ariel Munafo

Show Notes

Attendees

Guest: Ory Segal, Puresec

Guest title:  CTO & Co-Founder at PureSec

Company:  Puresec is the global leader in serverless architectures security.

 

Serverless functions are one the most interesting things that is happening in architecture of application development. With Serverless, application developers can stop worry about the underlying infrastructure and scalability of the application, but they must address other risks at application level. In this podcast we are interviewing Puresec CTO, Ory Segal , co-author of the top 12 risks to serverless applications

 

Timing

0:00 – 2:35 – intro

2:35 – 8:05 - what are Serverless functions

8:05- 12:20 - how Serverless is different (security wise)

12:20 -  19:40 - Serverless risks & threats

19:40 -  24:00 - common mistakes and misconfiguration with Serverless

24:00 – 29:30 - Serverless effect on people, process and technology

29:30 – 37:00 – Summary and conclusions

Other Episodes

Episode 21

August 03, 2020 00:26:59
Episode Cover

Episode 21: Building The Next Generation Of Cloud Services

Attendees Guest: Eran Feigenbaum Guest title:  CSO, Oracle Cloud Abstract The first generation of cloud services began about 15 years ago and stretched until now, but it came with many built-in challenges due to lack of maturity and the fact that security was added on top and not present from the start. In this episode we talk with Eran Feigenbaum, CISO of Oracle cloud about the next generation of cloud services - how can we build cloud that is more secure,, immuned to miss-configuration and other pitfalls that are relevant to today's cloud services. Timing: 0:00 introducing our guest 5:40 Generation one of cloud infrastructure 8:40 so what is second generation of cloud infrastructure 10:30 how Oracle is planning to change the cloud market 11:40 how second generation cloud services can help with common mistakes such as misconfiguration 13:35 what cloud provider should do in order to increase security 16:05 how cloud providers can  be proactive with their customers 19:00 handling miss-configuration such as open buckets and lost API’s keys 23:40 summary and last words ...

Listen

Episode 28

November 11, 2020 00:29:02
Episode Cover

Episode 28: Analyzing Cloud Attack Vectors - SaaS Marketplaces and Office 365 BEC

Attendees Guest: Ofer Maor Guest title: Co-Founder & CTO  Company: Mitiga Abstract The recent increase of cloud based attacks gives us an opportunity to examine new attack vectors and how attackers exploit new services. In this episode we talked with Ofer Maor, Co-Founder at Mitiga, about new attack vectors in cloud computing and how attackers exploit new services such as marketplaces, community repos and other examples. Timing: 0:00 Introducing our guest and Mitiga 3:32 Preparing for cloud incident response  7:15 Cloud attack vector - malicious AMI 11:00 More attack vectors on marketplaces 13:18 Github attack vectors 18:15 attack vector - Business email compromise on 365 25:44 how to mitigate cloud incidents 27:58 Summary and last words ...

Listen

Episode 46

February 09, 2022 00:27:40
Episode Cover

SilverLining Episode 46: Securing Small & Medium businesses

Guest: Alex Peleg Guest title: Co-founder and CVO at Cynergy Language: English   Abstract Small and medium businesses are currently the most vulnerable sector in the market. They don’t have the knowledge and awareness to secure their own operations, and security vendors and IT services companies often neglect this sector. In this episode we spoke with Alex Peleg, CVO at Cynergy, on the challenges of securing SMB and how regulators, Security vendors and the security community should bridge the gap of knowledge and awareness in the SMB market.   ...

Listen