Skip to main content
HashnodeMiguel's Blog · Serverless · SecurityMiguel's Blog · Serverless · Security

Command Palette

Search for a command to run...

Overview of the OWASP Serverless Top 10 [videos]

Published
1 min read
Overview of the OWASP Serverless Top 10 [videos]
M
Miguel A. Calles MBA

Miguel is a Principal Engineer and the author of the “Serverless Security” book. He has worked on multiple serverless projects as a developer and security engineer, contributed to open-source serverless projects, and worked on large military systems in various engineering roles.

Part of seriesWhat is Serverless Security and How Do I Start?

This YouTube video series provides quick overviews of the top 10 cybersecurity risks for serverless applications. Each video covers the risk and some recommendations on how to address it.

Why is the OWASP Serverless Top 10 important?

In this video, I discussed the reasons why the OWASP Serverless Top 10 cybersecurity risks for a serverless application are important to consider.

https://www.youtube.com/watch?v=wWDzqrvt73A

Injection attacks

In this video, I discussed what is the injection attack.

https://www.youtube.com/watch?v=QhmAs30-b_k

Broken authorization

In this video, I discussed what is broken authentication and authorization.

https://www.youtube.com/watch?v=fDO4n3HrvQw

Sensitive data exposure

In this video, I discussed the sensitive data exposure risk.

https://www.youtube.com/watch?v=Q8j8Cu0jhqc

XML external entities

In this video, I discussed the XML external entities risk.

https://www.youtube.com/watch?v=wtgTtYXenyM

Broken access control

In this video, I discussed the broken access control risk.

https://www.youtube.com/watch?v=nqBQdAiTOb8

Security misconfiguration

In this video, I discussed the security misconfiguration risk.

https://www.youtube.com/watch?v=yDyYqDGph8c

Cross-site script attacks

In this video, I discussed the cross-site scripting (XSS).

https://www.youtube.com/watch?v=jyLOBsHg-7c

Insecure deserialization

In this video, I discussed the insecure deserialization risk.

https://www.youtube.com/watch?v=RlV79AmI6Yw

Vulnerable components

In this video, I discussed the risk of using components with known vulnerabilities.

https://www.youtube.com/watch?v=Ij6xU48K11k

Logging and monitoring

In this video, I discussed the insufficient logging and monitoring risk.

https://www.youtube.com/watch?v=2Alu17kfNQA

Before you go

About the author

#serverless#security#cybersecurity-1#aws

Comments

Join the discussion

No comments yet. Be the first to comment.

What is Serverless Security and How Do I Start?

Part 1 of 8

We will discuss aspects serverless security, and describe what you can do to start securing your serverless application. Visit <https://ServerlessSecurityBook.com> to level up and get the book.

Up next

Why I Wrote A Serverless Security Book

When I started working with the Serverless Framework I was curious about the security aspect. Previously, I was an information assurance (IA) engineer working on cybersecurity for US government military systems and I had become accustomed to using w...

More from this blog

M

Miguel's Blog · Serverless · Security

49 posts

Miguel A. Calles is the author of the Serverless Security book, and a Cybersecurity engineer who works on serverless and cloud computing projects.