Market Overview

PureSec Debuts Free Serverless Protection Library to Help Harden Serverless Security


PureSec Debuts Free Serverless Protection Library to Help Harden Serverless Security

New security library for AWS Lambda empowers developers to create more robust serverless functions with minimal effort

PR Newswire

TEL AVIV, Israel, September 5, 2018 /PRNewswire/ --

PureSec, the leader in serverless security, has released a free serverless security protection library for AWS Lambda functions that enables developers to harden the behavior of serverless runtimes and immunize functions against unwanted and potentially malicious behavior.

The security library, dubbed "FunctionShield", is easily installed as a code dependency and provides developers with the ability to define simple yet extremely powerful protections in code.

There have been numerous cases in recent years where malicious actors created bogus packages that look authentic, or infected existing open source packages with code that leaks sensitive data such as credentials or environment variables. According to a recent survey of 16,000 developers by Npm inc., 77% of the respondents were concerned with the security of open source software packages. Some organizations have responded to this threat by isolating their sensitive AWS Lambda functions inside a Virtual Private Cloud (VPC) and using a NAT gateway to monitor/restrict outbound traffic. However, this VPC-based solution presents its own technical challenges.

"FunctionShield" equips developers with the ability to easily define strict security controls on serverless functions by addressing 3 common use-cases:

  1. Disable outbound internet connections from the AWS Lambda runtime environment, if such connections are not required
  2. Disable read/write disk operations on the /tmp/ directory, if such operations are not required
  3. Disable shell process execution, if such execution is not required by the function  

FunctionShield has received very positive reviews. Jeremiah Grossman, previously founder of WhiteHat Security and today CEO of Bit Discovery, praised "the price ($0), approach, and functionality" describing the extremely low impact on performance as "NICE!".

Yan Cui, principal developer at DAZN, AWS Serverless Hero and the man behind, praised Functionshield: "All serverless developers should use FunctionShield as part of every new function they develop," he said.

"When we discuss serverless security with developers and architects, we constantly hear about the need to regain some security control over the runtime environment," said Ory Segal, PureSec CTO and co-founder. "We distilled the three most common requests we heard from developers into this free protection library, in the hopes that it will help to enhance trust and confidence in this terrific technology, which we believe is the future of cloud computing."

The library can be downloaded for free by anyone from the following page: .

In addition to hardening functions, the library also provides real-time deep security forensic information from inside the serverless runtime, straight to the AWS CloudWatch logging service. At the moment, the library already supports Node.js and Python functions running on AWS Lambda.

You can see a "How to use FunctionShield" demo here:

About PureSec   

As the global leader in serverless architectures security, PureSec enables its customers to build and maintain secure and reliable serverless applications. The company's end-to-end serverless security solution is the industry's first and most comprehensive Serverless Security Runtime Environment (SSRE).

To learn how PureSec solutions and its team of serverless security experts are helping businesses to secure their serverless applications, please visit, and follow @PureSecTeam on Twitter.

Media Contact  

Lazer Cohen

WestRay Communications 


View Comments and Join the Discussion!