One Day. One Track. One Community.
A world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to build and maintain secure and reliable serverless applications. Prior to PureSec, Ory was Sr. Director of Threat Research at Akamai, were he led a team of top web security & big data researchers. Prior to Akamai, Ory worked at IBM as the Security Products Architect and Product Manager for the market leading application security solution IBM Security AppScan. Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation systems, etc. Ory is serving as an officer of the Web Application Security Consortium (WASC), he is a member of the W3C WebAppSec working group, and was an OWASP Israel board member.
Your serverless functions are probably the least secure compute service in your cloud env. Unfortunately, traditional application security solutions are unsuitable for serverless. In this talk we will present the paradigm shift required for serverless app security, the risks, and mitigations. Topics covered: - Why traditional application security solutions are unsuitable - The challenges with testing and protecting serverless applications - The Serverless Security Top 10 Most Common Weaknesses Guide - Mitigation techniques