Implementing Security Best Practices for Serverless Applications

Building with Serverless enables organizations to build and deploy applications without managing underlying infrastructure. Serverless strengthens your overall security posture by reducing attack surface and shifting security operations to AWS. In this session, we explore how to implement security best practices across the software delivery lifecycle and into production deployment. We’ll share lessons from working with numerous enterprise customers to enable your builders to be productive and innovative within security guardrails.

Key Takeaways:
See examples of practical defense in depth strategies when building and deploying your serverless applications. You’ll see core security practices with serverless services like AWS Lambda and Amazon API Gateway but will also learn about validation of untrusted payloads, authorization approaches, tagging strategies, and application of permission boundaries for developers. You will leave with concrete practices that you can implement today. Visit the governance guide on Serverless Land for additional content.

Webinar Recording

Presentation Materials