Serverless architectures take the idea of microservices to the extreme. To implement secure serverless architectures, you have to understand how to compartmentalize programs at the function level. You also need to factor in security practices: Serverless architectures are susceptible to traditional attacks such as SQL injection and command injection, along with a wide variety of privilege escalation and sensitive data disclosure attacks. Developers must consider what would happen if an attacker attempted to invoke each of their functions directly. What if one of those functions were to...
Eric Sheridan
Chief Scientist
WhiteHat Security
As chief scientist at WhiteHat Security, Eric oversees research and development for Sentinel Source and related products. Eric leads the WhiteHat Certified Secure Developer (WCSD) program, a free training program designed to educate and certify developers on secure coding and application security best practices. Prior to joining WhiteHat, Eric cofounded Infrared Security, specializing in application security and next-generation static analysis technologies that were ultimately integrated within WhiteHat Sentinel Source. He earned a bachelor of science degree in computer science with a track in security from Towson University.