Hacking Serverless Runtimes: Profiling AWS Lambda Azure Functions and More

Black Hat USA 2017

Presented by: Graham Jones, Andrew Krug
Date: Wednesday July 26, 2017
Time: 13:30 - 14:20
Location: Jasmine Ballroom

Serverless technology is getting increasingly ubiquitous in the enterprise and startup communities. As micro-services multiply and single-purpose services grow, how do you audit and defend serverless runtimes? The advantages of serverless runtimes are clear: increased agility, ease of use, and ephemerality (i.e., not managing a fleet of "pet" servers). There is a trade-off for that convenience though - reduced transparency. In this talk, we will deep dive into both public data and information unearthed by our research to give you the full story on serverless, how it works, and attack chains in the serverless cloud(s): Azure, AWS, and a few other sandboxes. Who will be the victor in the great sandbox showdown?

Andrew Krug

Andrew Krug is a Security Engineer for Mozilla Corporation working on Cloud Security and Identity and Access Management. Krug also works as a Cloud Security consultant and started the ThreatResponse project, a toolkit for Amazon Web Services first responders. Krug has been a speaker at Black Hat USA, DerbyCon, and BSides PDX.

Graham Jones

Graham Jones is a software developer for LegitScript. Jones comes from a liberal arts background and works on platform to make the Internet a safer, more transparent, and more independent place than we found it.

