Overview of the OWASP Serverless Top 10 [videos]

This YouTube video series provides quick overviews of the top 10 cybersecurity risks for serverless applications. Each video covers the risk and some recommendations on how to address it.

Why is the OWASP Serverless Top 10 important?

In this video, I discussed the reasons why the OWASP Serverless Top 10 cybersecurity risks for a serverless application are important to consider.

https://www.youtube.com/watch?v=wWDzqrvt73A

Injection attacks

In this video, I discussed what is the injection attack.

https://www.youtube.com/watch?v=QhmAs30-b_k

Broken authorization

In this video, I discussed what is broken authentication and authorization.

https://www.youtube.com/watch?v=fDO4n3HrvQw

Sensitive data exposure

In this video, I discussed the sensitive data exposure risk.

https://www.youtube.com/watch?v=Q8j8Cu0jhqc

XML external entities

In this video, I discussed the XML external entities risk.

https://www.youtube.com/watch?v=wtgTtYXenyM

Broken access control

In this video, I discussed the broken access control risk.

https://www.youtube.com/watch?v=nqBQdAiTOb8

Security misconfiguration

In this video, I discussed the security misconfiguration risk.

https://www.youtube.com/watch?v=yDyYqDGph8c

Cross-site script attacks

In this video, I discussed the cross-site scripting (XSS).

https://www.youtube.com/watch?v=jyLOBsHg-7c

Insecure deserialization

In this video, I discussed the insecure deserialization risk.

https://www.youtube.com/watch?v=RlV79AmI6Yw

Vulnerable components

In this video, I discussed the risk of using components with known vulnerabilities.

https://www.youtube.com/watch?v=Ij6xU48K11k

Logging and monitoring

In this video, I discussed the insufficient logging and monitoring risk.

https://www.youtube.com/watch?v=2Alu17kfNQA

Miguel is the author of the “Serverless Security” book, and a cybersecurity engineer.