aws-serverless-rest-api is a hardened infrastructure baseline developed by Merkaba AI Risk Management.
If you discover a security vulnerability — including IAM privilege escalation paths or API Gateway bypasses — please report it to:
Email: security@merkabacreatives.org
Subject line: [SECURITY] aws-serverless-rest-api — <brief description>
We will acknowledge receipt within 48 hours.
- API Gateway enforces strict request validation.
- DynamoDB data is encrypted at rest using AWS KMS.