Shivam Dhar
With nearly a decade of experience across sectors such as e-commerce, healthcare, gaming, open-source, and cybersecurity, within both large enterprises and agile startups, Shivam brings a creative, solutions-driven approach to complex challenges. Committed to community engagement, he actively mentors early-career cybersecurity professionals, judges prestigious tech awards, peer-reviews academic research, speaks at cybersecurity conferences, and contributes to tech-for-good initiatives with nonprofit organizations. He currently leads cloud security efforts at JPMorganChase, driving robust solutions to support the firm’s ongoing growth.
Sessions
Serverless abstracts bare metal, not the burden. In fast, event-driven clouds, threats often outpace traditional controls. Misconfigurations, fuzzy trust boundaries, and brittle integrations open new attack surfaces: vulnerable libraries, leaky secrets, wildcard IAM, and misconfigured triggers. In this immersive 3-hour workshop, you will build a hands-on cloud lab with serverless components to design and secure an end-to-end AI pipeline using LynxLab. Through gamified, branch-by-branch challenges, teams will identify vulnerabilities, trace real-world attack paths, and map findings to STRIDE and OWASP Serverless categories. We will examine how ephemeral execution, event chains, and implicit trust can be abused, and how to close those gaps without slowing delivery. You will leave with practical patterns and defensive strategies for identity, secrets, triggers, and observability, plus a focused playbook to reduce blast radius and ship resilient, modern serverless applications.
Managed compute removes bare-metal infrastructure, not responsibility. In FaaS platforms, speed and elasticity make it easy to misconfigure, and ephemeral function chains with granular integrations create exposure points that legacy controls miss. This technical session unpacks real attacker tradecraft against function-based apps, including dependency flaws, credential leakage, overly broad permissions, and unsafe event bindings. Rather than slideware, we focus on field-tested playbooks: threat mapping, least-privilege design, guardrails for events, secrets handling, and observability that actually catches misuse while teams keep shipping. Built for engineers and defenders working on highly automated stacks where sightlines are thin and blast radius can grow quickly, the talk also introduces LynxLab, our open lab that lets you build a mini FaaS pipeline, probe it with realistic kill chains, and practice concrete countermeasures to harden managed runtimes without losing delivery speed.