Deploy security controls for serverless apps with infrastructure-as-code tools
Many fundamental security practices and controls apply to serverless applications, including implementing proper monitoring and logging of all requests and events. Luis Eduardo Colon explores recommendations published by the Center for Internet Security (CIS), explains how to automate the deployment of some of these controls, and outlines considerations relevant to serverless functions.
| Talk Title | Deploy security controls for serverless apps with infrastructure-as-code tools |
| Speakers | Luis Colon (Amazon Web Services) |
| Conference | O’Reilly Velocity Conference |
| Conf Tag | Building and maintaining complex distributed systems |
| Location | San Jose, California |
| Date | June 12-14, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Infrastructure-as-code tools can be used to automate the deployment of serverless functions and dependent resources in production environments, and the same tools can be used to deploy controls like monitoring and logging for these serverless applications. The Center for Internet Security (CIS) publishes benchmarks which provide consensus-based configuration guidelines developed by experts in US government, business, industry, and academia. Organizations can use these benchmarks to help assess and improve security controls. Luis Eduardo Colon demonstrates where monitoring and logging controls can be automatically deployed using infrastructure as code tools and how to best integrate this automation with serverless deployments. You’ll learn about the CIS AWS Foundations Benchmark V1.1.0, discover how accounts can be hardened, how to implement continuous monitoring capabilities, and what controls cannot be fully automated, and explore security considerations for serverless applications.
