Attacking Serverless Applications

beginner
hands-on

Register

With the advent of serverless computing, the developers no longer have to worry about servers. The infrastructure management tasks like capacity provisioning, patching, etc. are handled by the cloud service provider allowing developers to focus only on writing the code.

Serverless architecture is said to be more secure compared to traditional architecture. However, this does not mean that attacks cannot be performed on it. This course is focused on attack vectors on the Azure and AWS serverless application stack.

The class will be conducted on our cloud-based, state-of-the-art lab platform where attendees will be doing 15+ unique lab exercises in class! Over 90% of class time will be spent on these hands-on labs!

Following topics will be covered during the session:

  1. Key concepts of AWS and Azure
  2. Serverless application stack
  3. Attack vectors on serverless applications
  4. Post Exploitation threatscape
  5. Capture The Flag

Prerequisites

  1. Basic knowledge of computers and networking
  2. Familiarity with the Linux operating system

Target Audience

  1. Cybersecurity Enthusiasts
  2. Penetration testers
  3. Cloud Application Developers
  4. Security researchers, analysts, and students

Students should bring

  1. Laptop with at least 4 GB RAM
  2. Latest Chrome/Firefox browser installed
  3. WiFi adaptor to connect to WiFi

    4. What will you learn!

    1. Understanding of Azure/AWS serverless application stack
    2. Hands-on knowledge of attacking serverless applications
    3. Familiarity with post-exploitation attack vectors./li>

    About Trainer :

    Shantanu Kale is a Cloud Developer at INE with strong roots in cloud, Linux and web application security. He has published his work in BlackHat Asia and have led teams for various national level hackathons, including the Smart India Hackathon, conducted by GoI. His areas of interest include Advanced Pentesting, Cloud security, Malware Analysis, Cryptography, Web Application Security and AD Security.

    Rachana Umaraniya is a Cloud Developer at INE and has two years of experience in software development. She specializes in building applications with Java frameworks and is well versed with databases. She has a Master’s degree in Computer Science from NIT Hamirpur. Her area of interest includes cloud security, cryptography, web application and docker security.