Build & maintain complex distributed systems
October 1–2, 2017: Training
October 2–4, 2017: Tutorials & Conference
New York, NY

Serverless security: What's left to protect?

Guy Podjarny (Snyk)
1:30pm–2:10pm Tuesday, October 3, 2017
Average rating: *****
(5.00, 1 rating)

Who is this presentation for?

  • DevOps engineers, developers, engineers, and security professionals

Prerequisite knowledge

  • A basic understanding of serverless architecture

What you'll learn

  • Learn how serverless impacts security—what it makes worse and what it helps to mitigate
  • Gain exposure to the knowledge and tools you need to help keep your serverless apps secure and resilient


Serverless (FaaS) addresses some of today’s biggest security concerns. By eliminating infrastructure management, it moves the responsibility for server management from the application owner to the platform provider. Having dedicated experts maintaining those environments helps to mitigate several issues related to unpatched servers, compromised infrastructure, and even denial of service attacks.

Unfortunately, attackers won’t give up; they’ll simply adapt to this new world. More specifically, FaaS will move attackers’ focus from the servers to application concerns. In response, defenders must adjust their efforts accordingly.

Guy Podjarny explores what serverless means for security, discussing the security considerations that serverless helps to mitigate, the security issues that remain the same, and perhaps most importantly, the security issues that are even more critical in a serverless environment—and what you can do to defend your application against them.

Guy Podjarny


Guy Podjarny is Snyk’s co-founder and CEO, focusing on using open source and staying secure. Guy was previously CTO at Akamai following their acquisition of his startup, and worked on the first web app firewall & security code analyzer. Guy is a frequent conference speaker & the author of O’Reilly “Securing Open Source Libraries”, “Responsive & Fast” and “High Performance Images”.