Intermediate

Attacking AWS Serverless Applications

Learning Path
AWS Security
Ideal for
Developer
Pentester
Cloud Engineer
3
Hours
18
Lessons
2
Cloud Labs

Serverless applications function very differently from traditional ones, both when it comes to operation and the security measures they employ. The fact that serverless apps are structured as numerous small functions creates new opportunities for intruders to exploit the greater attack surface. This course will take both Red and Blue Team approaches to serverless security in AWS, so you’ll learn not just how to passively protect apps, but actively use attackers’ strategies against them.

This course on AWS Serverless App Security begins with a look at the top 10 vulnerabilities in serverless architectures, similar to the OWASP Top 10. In the Red Team section, you’ll learn how to exploit insecure applications using many of the most severe flaws present in serverless.

The Blue Team approach will have us going through methods of securing serverless applications, including identity and access management, secrets management, and logging and monitoring functions. Finally, we’ll explore serverless vulnerability assessment for SAST, DAST and SCA, as well as CI/CD for serverless functions.

Every individual section in this course features extensive hands-on labs to showcase real-world scenarios and get you to practically try out everything you learn. Our material is a distillation of years of security testing experience, knowledge, and original research across our entire team. Once you’ve completed this course, you’ll be able to take what you’ve learned here and implement it directly in a modern AWS serverless stack.

You might also like these courses

Or explore these Learning Paths

Labs

Insecure Deserialization
Event Injection with XXE


Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023