Implementing Security Best Practices for Serverless Applications
On Demand
Building with Serverless enables organizations to build and deploy applications without managing underlying infrastructure. Serverless strengthens your overall security posture by reducing attack surface and shifting security operations to AWS. In this session, we explore how to implement security best practices across the software delivery lifecycle and into production deployment. We'll share lessons from working with numerous enterprise customers to enable your builders to be productive and innovative within security guardrails.
Key Takeaways: See examples of practical defense in depth strategies when building and deploying your serverless applications. You’ll see core security practices with serverless services like AWS Lambda and Amazon API Gateway but will also learn about validation of untrusted payloads, authorization approaches, tagging strategies, and application of permission boundaries for developers. You will leave with concrete practices that you can implement today. Visit the governance guide on Serverless Land for additional content.
Josh is the Worldwide Tech Leader for Serverless and a Principal Solutions Architect. He leads a global community of Serverless experts at AWS who help customers of all sizes, from start-ups to the world's largest enterprises, to effectively use AWS Serverless technologies. Josh has personal experience architecting cloud-native solutions and has a passion for helping customers meet and exceed their business requirements by focusing on what differentiates their business. Prior to joining AWS, Josh was a Technology Evangelist at Apple and a long-time technology consultant at Accenture.
Heeki Park is a Principal Solutions Architect at AWS. He spent his first 4 years at AWS in the Professional Services organization, where he helped enterprise customers think about how to build and operate cloud-native applications. He spent the last 3+ years at AWS as a serverless specialist, enabling the adoption of serverless and event-driven patterns, helping customers to push the envelope in the art of the possible on the AWS platform. With respect to serverless, Heeki is leading initiatives on governance, security, and pipeline automation. With the boom in generative AI, Heeki is investigating and leading initiatives with respect to next generation developer experience and generative AI applications.
