aws-lambda
Safeguard articles tagged "aws-lambda" — guides, analysis, and best practices for software supply chain and application security.
6 articles
Securing AWS Lambda functions
A practical guide to AWS Lambda security best practices: IAM scoping, dependency risk, secrets handling, and runtime detection for serverless apps.
Serverless security implications from infra to OWASP
Serverless shrinks the OS attack surface but expands the IAM and dependency one. Here's how the OWASP Serverless Top 10 maps to real 2021-era incidents.
What is Serverless Security
Serverless security protects function code, IAM roles, and event triggers where traditional host-based scanning and patching don't apply.
Automating secret rotation with AWS Secrets Manager
A step-by-step guide to configuring AWS Secrets Manager rotation for RDS credentials, deploying the rotation Lambda function, and verifying it actually works.
Firecracker micro-VM Security Model
AWS built Firecracker to run Lambda. The security model is the entire value proposition, and it holds up under scrutiny.
SBOMs for Serverless Applications: What Changes and What Doesn't
Serverless doesn't mean dependency-free. Here's how to generate and manage SBOMs for Lambda functions, Azure Functions, and Cloud Functions.