Alexa, Hack My Server(less) Please
Tal Melamed at Black Hat Europe 2019
When adopting serverless technology, we eliminate the need to manage a server for our application. By doing so, we also pass some of the security threats to the cloud provider. We do not need to care about OS patching and configuration any more. It's all in the safe hands of the service providers. In this talk, I will examine the Serverless #1 risk: Event injection and will demonstrate injection attacks form multiple event types, such as emails, logs, files and even through Alexa.
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#alexa-hack-my-serverless-please-17730
Full Abstract & Presentation Materials: https://www.blackhat.com/eu-19/briefings/schedule/#alexa-hack-my-serverless-please-17730