Weekly update 20

You can become a serverless blackbelt. Enrol to my 4-week online workshop Production-Ready Serverless and gain hands-on experience building something from scratch using serverless technologies. At the end of the workshop, you should have a broader view of the challenges you will face as your serverless architecture matures and expands. You should also have a firm grasp on when serverless is a good fit for your system as well as common pitfalls you need to avoid. Sign up now and get 15% discount with the code yanprs15!

Hi, welcome to another weekly update.

Production-Ready Serverless is live!

It’s been a long time coming, my Manning video course Production-Ready Serverless is officially completed! All postscripts and other course materials have been added to the course. Manning is also running a special promotion for March so that ALL video courses are $25 each, what better time to learn about serverless? ;-)

Welcome PureSec as our sponsor for March!

It is my pleasure to welcome PureSec as sponsor for this month. Here’s a message from PureSec to explain what they’re building and their vision for Serverless security.

PureSec: The Leading Serverless Security Solution.
PureSec’s Serverless Security Platform is designed exclusively for serverless applications, and provides an end-to-end application security solution for serverless, which is tightly integrated into the CI/CD process. The platform provides protection for applications using public cloud serverless architecture such as AWS Lambda, so you can ensure that your functions are free from risk and safe from threats at every stage of the application lifecycle.
Key platform features:
  • Serverless asset inventory and unparalleled real time threat visibility
  • Risk management and security posture analysis
  • Automatically generates IAM Roles – makes sure your AWS Lambda permissions are least-privileged
  • Serverless-focused static analysis for detection and mitigation of weaknesses, vulnerabilities and misconfigurations during development
  • Serverless application firewall capable of detecting and stopping event-data injection attacks such as: SQL injection, Cross-Site-Scripting, External XML entities, Runtime code injection, Local file include and Command injections
  • ML-based behavioral protection capable of detecting and preventing malicious behavior such as data leakage through outbound network connections, execution of malicious processes, unauthorized access to the file-system
  • Integration with SIEM systems and data analysis platforms such as Splunk.

Give PureSec a try and enjoy a 30-days free trial at https://www.puresec.io/get-puresec

New posts

Chaos test your Lambda functions with Thundra. I wrote a guest post for Thundra on their new SDK and how you can use its failure injection capabilities to chaos test your function. These tests help you identify weaknesses in your code so that you can patch them before these failure modes actually happen in production. Weaknesses such as missing timeout handling so that slow response from a dependency can cause the function to timeout, or missing error handling or fallbacks.


All three episodes of my mini-series with Forrest Brazeal from Trek10 are now live!

Part 1 – Serverless in production. We spoke about my experience with running serverless in production, my course with Manning and some of the mistakes I see people make when adopting serverless.

Part 2 – Bursting the serverless bubble. We discussed challenges with serverless adoption and what can we do to burst the serverless bubble.

Part 3 – From DevOps to FinDev. We discussed the idea of FinDev. What should the finance department and the engineering organization have in common, and why is serverless a catalyst for this transformation.


I gave a new talk at NDC Porto this week on “How to build a social network on serverless”. In this talk I discussed my journey of migrating Yubl to serverless, and how we were able to improve performance, scalability and time to market. I discussed how serverless technologies such as Lambda are used to implement each part of the system, including search, push notifications, timeline, user recommendations, and business intelligence.

Liked this article? Support me on Patreon and get direct help from me via a private Slack channel or 1-2-1 mentoring.
Subscribe to my newsletter

Hi, I’m Yan. I’m an AWS Serverless Hero and I help companies go faster for less by adopting serverless technologies successfully.

Are you struggling with serverless or need guidance on best practices? Do you want someone to review your architecture and help you avoid costly mistakes down the line? Whatever the case, I’m here to help.

Hire me.

Skill up your serverless game with this hands-on workshop.

My 4-week Production-Ready Serverless online workshop is back!

This course takes you through building a production-ready serverless web application from testing, deployment, security, all the way through to observability. The motivation for this course is to give you hands-on experience building something with serverless technologies while giving you a broader view of the challenges you will face as the architecture matures and expands.

We will start at the basics and give you a firm introduction to Lambda and all the relevant concepts and service features (including the latest announcements in 2020). And then gradually ramping up and cover a wide array of topics such as API security, testing strategies, CI/CD, secret management, and operational best practices for monitoring and troubleshooting.

If you enrol now you can also get 15% OFF with the promo code “yanprs15”.

Enrol now and SAVE 15%.

Check out my new podcast Real-World Serverless where I talk with engineers who are building amazing things with serverless technologies and discuss the real-world use cases and challenges they face. If you’re interested in what people are actually doing with serverless and what it’s really like to be working with serverless day-to-day, then this is the podcast for you.

Check out my new course, Learn you some Lambda best practice for great good! In this course, you will learn best practices for working with AWS Lambda in terms of performance, cost, security, scalability, resilience and observability. We will also cover latest features from re:Invent 2019 such as Provisioned Concurrency and Lambda Destinations. Enrol now and start learning!

Check out my video course, Complete Guide to AWS Step Functions. In this course, we’ll cover everything you need to know to use AWS Step Functions service effectively. There is something for everyone from beginners to more advanced users looking for design patterns and best practices. Enrol now and start learning!