homepage
Open menu
Contact Sales

SANS Workshop: Attacking and Defending Serverless Applications

  • Tuesday, 26 Jul 2022 12:00PM EDT (26 Jul 2022 16:00 UTC)
  • Speaker: Ryan Nicholson

You have been tasked to perform security testing of a development application named evidence-app which is used by the Sherlock team to collect, store, and hash evidence data - before the application is deployed into production. To do this, you will set up a temporary deployment of this application in your own AWS account, perform a series of attacks against the application to determine any weaknesses, and then ensure that, if weaknesses are found, ample logging is in place to detect the malice.

Throughout the workshop, you will learn about some common attack techniques targeting a cloud-based application, how to ensure that logging is in place to detect these types of activities, and how to analyze the log data to discover the attack. This workshop contains components of several SANS Cloud Curriculum courses: SEC488, SEC541, SEC588 to help you on your journey to becoming a more well-rounded SANS Cloud Ace.

Prerequisites: An AWS account with root or Administrator Access permissions
System Requirements:
Google Chrome web browser
Access to *.amazonaws.com over 443/tcp

Login to Register
Serverless_Applications_-_Workshop_-_7.224.jpg

Related Content

Blog
CLD_-_Aviata_Cloud_Solo_Flight_Challenge_-_General_-_Workshop_340_x_340.jpg
Cloud Security
Aviata Cloud Solo Flight Challenge
Master cloud security by tackling this free series of workshops.
Cloud_Ace_Final.png
SANS Cloud Security
read more
Blog
N2C_blog_image.png
Security Awareness, Cybersecurity Leadership, Cloud Security, Open-Source Intelligence (OSINT), Industrial Control Systems Security, Digital Forensics, Incident Response & Threat Hunting, Cybersecurity and IT Essentials, Cyber Defense, Offensive Operations, Pen Testing, and Red Teaming, CyberLive, Workforce Development, Career Development, Why Certify, Imposter Syndrome, NetWars, Mentorship, Job Hunting, Operating System & Device In-Depth, Artificial Intelligence (AI)
A Visual Summary of SANS New2Cyber Summit 2024
Check out these graphic recordings created in real-time throughout the event for SANS New2Cyber Summit 2024
370x370-person-placeholder.png
Alison Kim
read more
Blog
340x340-Homepage_Inclusions_Cloud_Security_Curriculum.jpg
Cloud Security
Cloud Agnostic or Devout?
Why Securing Multiple Clouds Using Terraform is Harder Than You Think
BrandonEvans_Headshot_370x370.png
Brandon Evans
read more