Overview of the OWASP Serverless Top 10

A list of YouTube videos explaining each serverless security risk

This YouTube video series provides quick overviews of serverless applications' top 10 cybersecurity risks. Each video covers the risk and some recommendations on how to address it.

Why is the OWASP Serverless Top 10 important?

In this video, I discussed the reasons why the OWASP Serverless Top 10 cybersecurity risks for a serverless application are important to consider.

Injection attacks

In this video, I discussed what is the injection attack.

Broken authorization

In this video, I discussed what is broken authentication and authorization.

Sensitive data exposure

In this video, I discussed the sensitive data exposure risk.

XML external entities

In this video, I discussed the XML external entities risk.

Broken access control

In this video, I discussed the broken access control risk.

Security misconfiguration

In this video, I discussed the security misconfiguration risk.

Cross-site script attacks

In this video, I discussed cross-site scripting (XSS).

Insecure deserialization

In this video, I discussed the insecure deserialization risk.

Vulnerable components

I discussed the risk of using components with known vulnerabilities in this video.

Logging and monitoring

In this video, I discussed the insufficient logging and monitoring risk.

Before you go

These are other posts you might enjoy.

What the OWASP API Security Top 10 2023 means for serverless applications