Serverless technology eliminates the need for development teams to provision servers, passing the responsibility for some security threats to the cloud provider and freeing-up developers to concentrate on building logic and producing value quickly. But even without servers, serverless functions still execute code, which can lead to a cloud disaster, if not done right. In this talk, we will discuss common risks and challenges in serverless environments. I will introduce techniques used by attackers to exploit Serverless apps in unconventional ways. I will also demonstrate exploits of recently discovered CVE, targeting cloud functions.

• What are the advantages of serverless technology for development teams, and how does it shift the responsibility for security threats to the cloud provider?
• What are potential risks and challenges that developers should be aware of to prevent cloud disasters?
• How can Contrast Security help the developers defend against attacks and secure their serverless apps effectively?