Session

Stay Afloat in the Cloud: Navigating the Serverless Surf

Behind the abstraction lies a misconception: that serverless means "less" responsibility. Spoiler alert - it doesn't! Fast and adaptable, serverless is also dangerously simple to configure incorrectly. In highly dynamic, event-driven cloud environments, sporadic and fine-grained service integrations introduce unique attack surfaces that traditional security models fail to address.

This technical session dives deep into the tactics, techniques, and procedures (TTPs) adversaries use to exploit serverless applications via new attack vectors, including vulnerable libraries, leaky secrets, wildcard IAM roles, and insecure triggers. It also emphasizes actionable, tried-and-true methods over theory - equipping practitioners with the skills to defend modern serverless stacks while maintaining operational velocity.

This talk is designed for professionals building and securing cloud-native, serverless architectures, where visibility is limited, the blast radius is significant, and assumptions can be risky. We introduce LynxLab (https://github.com/Shivamdhar/LynxLab), an open-source home lab framework developed by us to simulate realistic attack and defense scenarios in serverless environments, enabling practitioners to better understand and mitigate evolving cloud security threats.

Nimish Sharma

Lead Security Engineer

Austin, Texas, United States
