Session
Serverless is not a silver bullet - You lose servers, not responsibility!
Behind the abstraction lies a misconception: that serverless means "less" responsibility. Spoiler alert - it doesn't! Fast and adaptable, serverless is also dangerously simple to configure incorrectly. In highly dynamic, event-driven cloud environments, sporadic and fine-grained service integrations introduce unique attack surfaces that traditional security models fail to address.
This technical session dives deep into the tactics, techniques, and procedures (TTPs) adversaries use to exploit serverless applications via new attack vectors, including vulnerable libraries, leaky secrets, wildcard IAM roles, and insecure triggers. It also emphasizes actionable, tried-and-true methods over theory—equipping practitioners with the skills to defend modern serverless stacks while maintaining operational velocity.
The key takeaways from this session include a clear understanding of how serverless risks differ from traditional application threats, especially in areas like ephemeral execution, implicit trust boundaries, and event-driven attack vectors. Lastly, executives and architects will learn how these trust boundaries can be inadvertently crossed, exposing data or escalating privileges.
Nimish Sharma
Lead Security Engineer
Austin, Texas, United States