Learning Serverless Security: Hacking and Securing Serverless Cloud Applications on Aws, Azure, and Google Cloud
暫譯: 學習無伺服器安全：在 AWS、Azure 和 Google Cloud 上駭客攻擊與保護無伺服器雲端應用程式

Despite the increased adoption of serverless computing services around the world, a big gap still exists when it comes to serverless security knowledge and expertise. This gap comes with a steep price: the increased risk of data breaches as more companies store their data in the cloud.

This practical guide covers the relevant offensive and defensive security techniques to audit and secure serverless applications running on AWS, Azure, and Google Cloud. You'll learn how to attack and defend a variety of vulnerable serverless applications using the step-by-step instructions. By the end of this book, you'll have a solid understanding on how to prevent a variety of serverless application attacks and privilege escalation techniques.

Author Joshua Arvin Lat, chief technology officer at NuWorks Interactive Labs and AWS AI Hero, shows you how to:

• Identify and address vulnerabilities within modern serverless applications
• Dive deeper into serverless security risks and threats
• Explore privilege escalation techniques within vulnerable-by-design serverless lab environments
• Configure authentication and identity services properly on AWS, Azure, and Google Cloud
• Implement security strategies and best practices to prevent a variety of serverless application attacks
• Audit serverless function code using various security tools and strategies