#middleware #serverless #faas #lambda #aws

GoIntercept: v0.3.1 Released

Version 0.3.1 of GoIntercept is here! Elegant and modular middleware for AWS Lambdas with Golang. This release contains the following updates: Interceptors AddHeader and AddSecurityHeaders now add HTTP headers only when a proper API Gateway Response has been previously created. Interceptor CreateAPIGatewayProxyResponse now gracefully handles uncaught HTTP errors (a new type HTTPError was added!) and creates a proper API Gateway Proxy Response for them. To trigger this new behavior, it is recommended to generate errors using the new type HTTPError. A new interceptor to provide JSON schema validation. ...

#middleware #serverless #faas #lambda #aws

Simplify your AWS Lambda functions with GoIntercept

A middleware layer allows developers to focus on business logic when designing and implementing Lambda functions. This way, additional functionality like authentication/authorization, input validation, and serialization, can be added in a modular and reusable way. Web frameworks such as Echo, Spiral, Gin, among others, provide middleware functionality to wrap HTTP requests and thus provide additional features without polluting the core logic in the HTTP handler. Similar frameworks exist for the development of AWS Lambda functions. ...

#api security #serverless #faas #csa #lambda #aws

Harden your Serverless API (DoS and Function Orchestration)

DoS attacks and their distributed versions are among the most disastrous consequences of poor API configuration. The dynamic and elastic nature of cloud services makes this type of attack highly insidious and resource-consuming. Similarly, simple mistakes in execution flow configuration can open numerous attack avenues that can be exploited without major effort. This post continues where the previous one left off. Let’s take a look.

Denial-of-Service (DoS) Attacks

Serverless architecture’s core features such as automated scalability and high availability present challenges that need to be overcome. ...

#api security #serverless #faas #csa #lambda #aws

Harden your Serverless API (Monitoring and Encryption)

In my previous post, we went over the basics of hardening the security of serverless functions. We highlighted the importance of good practices such as input validation, proper authentication, and fine-grained authorization. In this post, we will take a look at an additional set of best practices related to proper monitoring and logging, third-party dependency management, and sensitive information encryption.

Common Vulnerabilities And Their Mitigation (continued)

The next three items in the 12 Most Critical Risks for Serverless Applications published by the Cloud Security Alliance have to do with vulnerabilities related to lack of proper monitoring, improper dependency management, and poor secret management. ...

#api security #serverless #faas #csa #lambda #aws

Harden your Serverless API (The Basics)

Serverless Functions (SFs) changed the API game. Developers can build and deploy an API without any knowledge of infrastructure controls. No checks by a DevOps team, a security team, or other Enterprise IT groups that traditionally could control the launch of new business applications. Absolute, total freedom! Plus, gone are the days in which APIs were limited to HTTP events. Any cloud resource is now a potential API trigger that adds highly beneficial flexibility to design cloud-native applications. ...

#api security #authentication #authorization

API Security - Authentication and Authorization

Massive amounts of data are being transmitted using systems that are not designed for security from the ground up. Even private APIs will sooner or later be broken, exposed, or hacked. Therefore, a solid API security approach should be designed and implemented with public access in mind and it should involve not only the API itself but also the client applications that use it. This means that both enterprise and mobile client applications must be treated as first-class citizens when designing an API security solution. ...