https://jawspankration2024.jaws-ug.jp/en/timetable/TT-63/
Serverless environments, like those provided by AWS Lambda, offer managed layers, including OS and middleware, which are maintained securely by the cloud provider. However, are these layers always secure? The answer is no. These layers can be compromised by code with vulnerabilities.
This session explains the mechanism behind this, including the architecture of AWS Lambda and the attack process. Additionally, it covers how to protect against such attacks.