Alexa, Hack My Server(less) Please

Watch on YouTube

Show annotations




Genre: Travel & Events

Family friendly? Yes

Wilson score: 0.9226

Rating: 4.9111 / 5

Engagement: 0.029%

Black Hat

Subscribe | 144K

Shared March 19, 2020

When adopting serverless technology, we eliminate the need to manage a server for our application. By doing so, we also pass some of the security threats to the cloud provider. We do not need to care about OS patching and configuration any more. It's all in the safe hands of the service providers. In this talk, I will examine the Serverless #1 risk: Event injection and will demonstrate injection attacks form multiple event types, such as emails, logs, files and even through Alexa.

By Tal Melamed

Full Abstract & Presentation Materials: