I Accept Serverless, I’m Not Sure Whether It Accepts Me


Serious attention is being paid to Serverless and Functions as a Service (FaaS) through open source offerings like OpenWhisk and paid offerings from AWS Lambda, Google Cloud Functions and Azure Compute. The growth of serverless adoption has been exponential for some time now, enough so to warrant some introspection from a security practitioner's perspective. This talk examines the shift from traditional security to cloud and serverless security models.

Cody Wood worked for a period of time in mining (not data) operations in the high desert of California. His initial interests in the security space started at a very early age, but he never really put any effort into pursuing those endeavors. About four years ago that all changed. After getting kicked out of a .NET programming bootcamp in Houston, TX he interned at a hackerspace and started working at the best company for aspiring inexperienced hackers (Whitehat Security). Specializing in the general vertical of application security with a non traditional background has provided him with some interesting lessons.

Cody currently works as a technical account manager at Signal Sciences in their new headquartes in Culver City and is enamored with appsec and the ruggedization of the DevOps methodology.