If you’ve been following my last few posts, you probably know that I’m a big advocate of #serverless, especially in the context of #security #automation. Firstly, thank you to everyone who’s provided feedback and ideas on the subject; it truly helped provide a perspective.
Some of you have asked for #practical #applications of a serverless architecture in the SecOps world, i.e. stuff that yields tangible benefits.
Here’s a link to my #GitHub repo: https://bit.ly/2uDG7Y2 which contains a couple of (lightweight) examples. Just some of the ideas for what’s possible with #Serverless #SecOps.
• Serverless TLS health reporting infrastructure via SSL labs
• Serverless automation of periodic #pentests: a DNS tunneling example
• Serverless SOC tooling basics: Bad IP and domain checks via apility
The repo contains serverless functions for all of the above — you can run these atop #AWS #lambda. Here is a working link for the TLS Health reporting function — https://bit.ly/2pWqfeF. Add the query parameter ‘hostname={domain name}’ and, optionally, ‘checkcache={cache}’.
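A publicly reachable function that forwards `hostname` to SSL Labs should validate it first, so a caller cannot smuggle extra API parameters or non-hostname input into the upstream request. The sketch below is an added example, not code from the repo; the function names, the `on` value for `checkcache`, and its mapping to the SSL Labs v3 `fromCache` parameter are assumptions.

```javascript
// Added example: input handling for a public TLS-report Lambda (not the repo's code).
const SSLLABS_ANALYZE = 'https://api.ssllabs.com/api/v3/analyze';

// Hostname label: 1-63 chars of letters/digits/hyphen, no leading or trailing hyphen.
const LABEL = /^(?!-)[a-z0-9-]{1,63}(?<!-)$/;

function validateHostname(raw) {
  if (typeof raw !== 'string') return null;
  const host = raw.trim().toLowerCase().replace(/\.$/, '');
  if (host.length === 0 || host.length > 253) return null;
  const labels = host.split('.');
  // Require at least two labels and a non-numeric last label: rejects IP literals,
  // "localhost", and anything carrying a scheme, port, path, query or credentials.
  if (labels.length < 2 || !labels.every((l) => LABEL.test(l))) return null;
  if (/^\d+$/.test(labels[labels.length - 1])) return null;
  return host;
}

function buildAnalyzeUrl(query) {
  const host = validateHostname(query && query.hostname);
  if (!host) return null;
  const url = new URL(SSLLABS_ANALYZE);
  url.searchParams.set('host', host);
  // Assumption: checkcache=on requests a cached report; anything else means off.
  url.searchParams.set('fromCache', query.checkcache === 'on' ? 'on' : 'off');
  return url.toString();
}

// API Gateway proxy-style handler; export it as the Lambda entry point when deploying.
async function handler(event) {
  const target = buildAnalyzeUrl((event && event.queryStringParameters) || {});
  if (!target) {
    return { statusCode: 400, body: JSON.stringify({ error: 'invalid hostname' }) };
  }
  const res = await fetch(target); // global fetch, Node.js 18+
  return { statusCode: res.status, body: await res.text() };
}
```

Preferring cached reports also reduces how often the function triggers a fresh SSL Labs assessment, which matters when the endpoint runs on a personal account.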
PS: Please don’t max out the working link; it’s a personal account. I presume a Node.js/Go expert would love to improve upon the example code. Feel free.
Stay tuned! More to come