This week's articles
Leaky Serverless Framework
Corey Quinn raising an issue by which it seems the Serverless Framework will in some cases copy your API credentials to their own systems and execute things on your behalf.
#aws
#defend
GCP .actAs d-day > How not to remediate
Blog post detailing the .actAs permission, a little ditty on the history of this vulnerability and how to remediate before Google does it for you.
#gcp
#defend
#explain
AWS Lambda $LATEST is dangerous
You should always use function versioning. You should almost always use function aliases, which have a handful of benefits involving metrics in CloudWatch, IAM permissions, traffic-shifting, etc.
#aws
#build
|