pure-sec-logo.png
  • PRODUCTS
    • Serverless Security Platform
    • FunctionShield (free)
  • RESOURCES
    • WATCH A DEMO
    • SERVERLESS SECURITY TOP 10
    • AWS LAMBDA SECURITY [eBook]
    • SERVERLESS CRYPTO MINING
    • THE "6 PRINCIPLES" GUIDE
    • OPENWHISK WEAKNESS
    • SSP vs. Traditional Protections
  • BLOG
  • WEBINARS
    • On-demand: Foundations of AWS Lambda Security
    • On-demand: Serverless Security 101
    • On Demand: Joint Webinar With Yan Cui
  • ABOUT
    • PURESEC MANAGEMENT
    • INVESTORS
    • CAREERS
    • NEWS
    • FAQ
  • GET PURESEC

PureSec for AWS Lambda Security

Develop, Deploy & Monitor Secure AWS Lambda Applications with PureSec

serverless application security challenges

Developing robust event-driven serverless applications on AWS Lambda (amazon web services) and making sure that application code doesn't introduce vulnerabilities is your responsibility. However, when you adopt serverless, you must be aware of the following application security challenges:

 

no-serverNo Infrastructure
When you deploy AWS lambda functions, you are giving away the responsibility and control over the runtime environment to AWS. On one hand, this removes the need to patch and secure the underlying infrastructure, but on the other hand, you cannot deploy traditional security layers such as EPP, IPS/IDS, WAF or RASP, which are critical for protecting your application's code


icons8-cloud-80Cloud-Native Events
AWS Lambda serverless functions are triggered by a wide range of cloud-native AWS event types such as: API Gateway, DynamoDB, Kinesis, SQS, SNS, SES, etc. Each event type has its own message format and it's own encoding schemes. Traditional application security solutions are incapable of inspecting cloud-native AWS event triggers for two main reasons:

  • They cannot be deployed in-line between the service that generates the event and your functions
  • They are incapable of parsing, analyzing and understanding cloud-native events

icons8-warning-shield-80Visibility to Attacks
Both traditional and cloud-native logging solutions have severe visibility gaps when it comes to serverless application layer security. Successful protection against application layer attacks always starts with visibility - if you don't know you are being targeted, how will you be able to defend your functions?

Puresec SSP FOR AWS LAMBDA SECURITY

PureSec's Serverless Security Platform (SSP) is designed exclusively for AWS Lambda applications, and provides an end-to-end application security solution for serverless, which is tightly integrated into the CI/CD process.

3pillars-1


CICD

Secure Serverless CI/CD

PureSec SSP seamlessly integrates into your CI/CD process. During development and build time, serverless projects are statically scanned to pinpoint risks related to over-permissive IAM roles, insecure storage of application secrets, and known vulnerable 3rd. party dependencies. With PureSec SSP integrated into your CI/CD, you are guaranteed to ship robust serverless code at all times.


vscode

Serverless Runtime Protection FOR AWS LAMBDA

PureSec SSP provides automatic defense against application-layer attacks such as SQL injections, remote code execution, attempts to subvert function logic and unauthorized malicious actions. Protection is initiated when the function is invoked, where the serverless application firewall employs rigorous security algorithms to detect event-data injection attacks. Once event data is found to be legitimate, the functions is allowed to run, and a machine-learning based behavioral protection engine closely monitors function execution to detect unauthorized interactions and operation.


product_dashboard

Unparalleled Security Visibility

PureSec SSP integrates deep into your AWS Lambda functions, providing unparalleled visibility into application layer attacks. See what your functions are doing in a way you've never seen before. For each security event, PureSec customers receive access to forensic data, allowing them to perform deep investigations into AWS Lambda security incidents, in real time. PureSec SSP provides simple Integrations with existing SIEM solutions, so your DevSecOps teams can receive event information and notifications in the tools of their choice.

 

Watch the PureSec Serverless Security Platform in action in this demo movie.

apn advanced badge
PRODUCT & TECHNOLOGY
  • Serverless Security Platform
  • Integrations
  • Platform Support
  • Request Demo
RESOURCES
  • Serverless Security Top 10
  • Blog
  • FAQ
COMPANY
  • About Us
  • Careers
  • Contact Us
PureSec Serverless Security (Logo) © 2019 PureSec
PRIVACY POLICY
TERMS OF USE