20";display:block;height:0;overflow:hidden}.clearfix:after{clear:both}.tie-container,#tie-wrapper{height:100%;min-height:650px}.tie-container{position:relative;overflow:hidden}#tie-wrapper{background:#fff;position:relative;z-index:108;height:100%;margin:0 auto}.container-wrapper{background:#fff;border:1px solid rgba(0,0,0,.1);border-radius:2px;padding:30px}#content{margin-top:30px}@media (max-width:991px){#content{margin-top:15px}}.site-content{-ms-word-wrap:break-word;word-wrap:break-word}.theme-header{background:#fff;position:relative;z-index:999}.theme-header:after{content:"";display:table;clear:both}.theme-header.top-nav-below .top-nav{z-index:8}#menu-components-wrap{display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between;width:100%;-webkit-flex-wrap:wrap;-ms-flex-wrap:wrap;flex-wrap:wrap}.header-layout-2 #menu-components-wrap{-webkit-justify-content:center;-ms-flex-pack:center;justify-content:center}.logo-row{position:relative}#logo{margin-top:40px;margin-bottom:40px;display:block;float:left}#logo a{display:inline-block}#logo.text-logo a{color:var(--brand-color)}.logo-text{font-size:50px;line-height:50px;font-weight:700}@media (max-width:670px){.logo-text{font-size:30px}}.header-layout-2 #logo{float:none;text-align:center}.header-layout-2 .logo-container{width:100%;float:none}@media (max-width:991px){#theme-header.has-normal-width-logo #logo{margin:14px 0!important;text-align:left;line-height:1}}@media (max-width:991px){#theme-header.mobile-header-default:not(.header-layout-1) #logo{-webkit-flex-grow:10;-ms-flex-positive:10;flex-grow:10}}.components{display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-align-items:center;-ms-flex-align:center;align-items:center;-webkit-justify-content:end;-ms-flex-pack:end;justify-content:end}.components>li{position:relative}.components>li>a{display:block;position:relative;width:30px;text-align:center;font-size:16px;white-space:nowrap}.components a.follow-btn{width:auto;padding-left:15px;padding-right:15px;overflow:hidden;font-size:12px}@media (max-width:991px){.logo-container{border-width:0;display:-webkit-flex;display:-ms-flexbox;display:flex;-webkit-flex-flow:row nowrap;-ms-flex-flow:row nowrap;flex-flow:row nowrap;-webkit-align-items:center;-ms-flex-align:center;align-items:center;-webkit-justify-content:space-between;-ms-flex-pack:justify;justify-content:space-between}}.mobile-header-components{display:none;z-index:10;height:30px;line-height:30px;-webkit-flex-wrap:nowrap;-ms-flex-wrap:nowrap;flex-wrap:nowrap;-webkit-flex:1 1 0%;-ms-flex:1 1 0%;flex:1 1 0%}.mobile-header-components .components{float:none;display:-webkit-flex!important;display:-ms-flexbox!important;display:flex!important;-webkit-justify-content:stretch;-ms-flex-pack:stretch;justify-content:stretch}.mobile-header-components .components li.custom-menu-link{display:inline-block;float:none}.mobile-header-components .components li.custom-menu-link>a{width:20px;padding-bottom:15px}.mobile-header-components [class^=tie-icon-]{font-size:18px;width:20px;height:20px;vertical-align:middle}.mobile-header-components .tie-mobile-menu-icon{font-size:20px}.mobile-header-components .nav-icon{display:inline-block;width:20px;height:2px;background-color:var(--base-color);position:relative;top:-4px}.mobile-header-components .nav-icon:before,.mobile-header-components .nav-icon:after{position:absolute;right:0;background-color:var(--base-color);content:'';display:block;width:100%;height:100%;-webkit-transform:translateZ(0);transform:translateZ(0);-webkit-backface-visibility:hidden;backface-visibility:hidden}.mobile-header-components .nav-icon:before{-webkit-transform:translateY(-7px);-ms-transform:translateY(-7px);transform:translateY(-7px)}.mobile-header-components .nav-icon:after{-webkit-transform:translateY(7px);-ms-transform:translateY(7px);transform:translateY(7px)}#mobile-header-components-area_1 .components li.custom-menu-link>a{margin-right:15px}#mobile-header-components-area_2 .components{-webkit-flex-direction:row-reverse;-ms-flex-direction:row-reverse;flex-direction:row-reverse}#mobile-header-components-area_2 .components li.custom-menu-link>a{margin-left:15px}@media (max-width:991px){.logo-container:before,.logo-container:after{height:1px}#tie-body #mobile-container,.mobile-header-components{display:block}#slide-sidebar-widgets{display:none}}.top-nav{background-color:#fff;position:relative;z-index:10;line-height:40px;border:1px solid rgba(0,0,0,.1);border-width:1px 0;color:var(--base-color);clear:both}.top-nav a:not(.button):not(:hover){color:var(--base-color)}.topbar-wrapper{display:-webkit-flex;display:-ms-flexbox;display:flex;min-height:40px}.top-nav .tie-alignleft,.top-nav .tie-alignright{-webkit-flex-grow:1;-ms-flex-positive:1;flex-grow:1;position:relative}.top-nav.has-breaking-news .tie-alignleft{-webkit-flex:1 0 100px;-ms-flex:1 0 100px;flex:1 0 100px}.top-nav.has-breaking-news .tie-alignright{-webkit-flex-grow:0;-ms-flex-positive:0;flex-grow:0;z-index:1}.top-menu .menu a{padding:0 10px}.top-menu .menu li{position:relative}.tie-alignright .top-menu{float:right;border-width:0 1px}@media (max-width:991px){.top-menu,.theme-header .components{display:none}}.breaking{display:none}.main-nav-wrapper{position:relative;z-index:4}.main-nav-below.top-nav-below-main-nav .main-nav-wrapper{z-index:9}.main-nav{background-color:var(--main-nav-background);color:var(--main-nav-primary-color);position:relative;border:1px solid var(--main-nav-main-border-color);border-width:1px 0}.main-menu-wrapper{position:relative}@media (min-width:992px){.header-menu .menu{display:-webkit-flex;display:-ms-flexbox;display:flex}.header-menu .menu a{display:block;position:relative}.header-menu .menu>li>a{white-space:nowrap}#main-nav{z-index:9;line-height:60px}.main-menu .menu>li>a{padding:0 14px;font-size:14px;font-weight:700}.main-nav .menu a,.main-nav .components li a{color:var(--main-nav-text-color)}.main-nav-light{--main-nav-background:#fff;--main-nav-secondry-background:rgba(0,0,0,.03);--main-nav-primary-color:var(--brand-color);--main-nav-contrast-primary-color:var(--bright-color);--main-nav-text-color:var(--base-color);--main-nav-secondry-text-color:rgba(0,0,0,.5);--main-nav-main-border-color:rgba(0,0,0,.1);--main-nav-secondry-border-color:rgba(0,0,0,.08)}}@media (min-width:992px){.main-nav-boxed .main-nav{border-width:0}.main-nav-boxed .main-menu-wrapper{float:left;width:100%;background-color:var(--main-nav-background);padding-right:15px}.main-nav-boxed.main-nav-light .main-menu-wrapper{border:1px solid var(--main-nav-main-border-color)}.main-nav-below.top-nav-below #main-nav:not(.fixed-nav){bottom:-1px}}.main-nav-boxed .main-nav:not(.fixed-nav){background:0 0!important}@media only screen and (min-width:992px) and (max-width:1100px){.main-nav .menu>li:not(.is-icon-only)>a{padding-left:7px;padding-right:7px}.main-nav .menu>li:not(.is-icon-only)>a:before{display:none}}@media (max-width:991px){#tie-wrapper header#theme-header{box-shadow:none;background:0 0!important}.logo-container{border-width:0;box-shadow:0 3px 7px 0 rgba(0,0,0,.1)}.logo-container{background-color:#fff}.header-layout-2 .main-nav-wrapper{display:none}.main-menu-wrapper .main-menu-wrap{width:100%}}.comp-sub-menu{display:none;position:absolute;z-index:1;right:0;width:250px;overflow:hidden;padding:20px;background:#fff;box-shadow:0 2px 5px rgba(0,0,0,.1);box-sizing:content-box}.comp-sub-menu li{position:relative;width:100%}.comp-sub-menu.dropdown-social-icons{width:160px;padding:0;margin:0;line-height:35px}.comp-sub-menu.dropdown-social-icons li{margin:0}.comp-sub-menu.dropdown-social-icons a{display:block;font-size:13px}.comp-sub-menu.dropdown-social-icons a span{color:var(--base-color)}.comp-sub-menu.dropdown-social-icons a .tie-social-icon{width:35px;text-align:center;display:inline-block}.comp-sub-menu.dropdown-social-icons li:last-child{border-bottom:0}@media (max-width:767px){.magazine1:not(.has-builder):not(.error404) .main-content,.magazine1:not(.has-builder):not(.error404) .sidebar{padding-left:0;padding-right:0}}input{border:1px solid rgba(0,0,0,.1);color:var(--base-color);font-size:13px;outline:none;padding:10px 12px;line-height:23px;border-radius:2px;max-width:100%;background-color:transparent}input:not([type=checkbox]):not([type=radio]){-webkit-appearance:none;-moz-appearance:none;appearance:none;outline:none}@media (max-width:767px){input:not([type=submit]){font-size:16px!important}}.button,[type=submit]{width:auto;position:relative;background-color:var(--tie-buttons-color,var(--brand-color));color:var(--tie-buttons-text,var(--bright-color));border-radius:var(--tie-buttons-radius,2px);border:var(--tie-buttons-border-width,0) solid var(--tie-buttons-border-color,var(--brand-color));padding:10px 25px;margin:0;font-weight:600;font-size:14px;display:inline-block;text-align:center;line-height:21px;text-decoration:none;vertical-align:middle;-webkit-appearance:none;-moz-appearance:none;appearance:none}@media (min-width:992px){.sidebar-right .main-content{float:left}.sidebar-right .sidebar{float:right}.sidebar-right.magazine1 .main-content{padding-right:3px}}.post-thumb{position:relative;height:100%;display:block;-webkit-backface-visibility:hidden;backface-visibility:hidden;-webkit-transform:rotate(0);-ms-transform:rotate(0);transform:rotate(0)}.post-thumb img{width:100%;display:block}.post-thumb .post-cat-wrap{position:absolute;bottom:10px;margin:0;right:10px}.post-meta{margin:10px 0 8px;font-size:12px;overflow:hidden}.post-meta,.post-meta a:not(:hover){color:#666}.post-meta .meta-item{margin-right:8px;display:inline-block}.post-meta .meta-item.tie-icon:before{padding-right:3px}.post-meta .meta-item.date:before{content:"\f017"}.post-meta .meta-item.meta-comment:before{content:"\f086"}.post-meta .tie-alignright .meta-item:last-child{margin:0!important}@media (max-width:767px){.entry-header .post-meta>span,.entry-header .post-meta>div,.main-content .post-meta>span,.main-content .post-meta>div{float:left}}.post-cat-wrap{position:relative;z-index:3;margin-bottom:5px;font-weight:400;font-family:inherit!important;line-height:0;display:block}.post-cat{display:inline-block;background:var(--brand-color);color:var(--bright-color);padding:0 11px;font-size:13px;line-height:2em;margin-right:4px;position:relative;white-space:nowrap;word-wrap:normal;letter-spacing:0;border-radius:4px}.post-cat:first-child:last-child{margin:0}#breadcrumb{margin:50px 0 0}#breadcrumb,#breadcrumb a:not(:hover){color:#666}#breadcrumb .delimiter{margin:0 3px;font-style:normal}.entry-header-outer #breadcrumb{margin:0 0 20px;padding:0}@media (max-width:767px){.single-post #breadcrumb .current,.single-post #breadcrumb em:last-of-type{display:none}}.social-icons-item{float:right;margin-left:6px;position:relative}.social-icons-item .social-link span{color:var(--base-color);line-height:unset}.social-icons-widget .social-icons-item .social-link{width:24px;height:24px;line-height:24px;padding:0;display:block;text-align:center;border-radius:2px}.social-icons-item .facebook-social-icon{background-color:#4080ff!important}.social-icons-item .facebook-social-icon span{color:#4080ff}.social-icons-item .twitter-social-icon{background-color:#000!important}.social-icons-item .twitter-social-icon span{color:#000}.social-icons-item .instagram-social-icon{background-color:#c13584!important}.social-icons-item .instagram-social-icon span{color:#c13584}.social-icons-item .youtube-social-icon{background-color:#ef4e41!important}.social-icons-item .youtube-social-icon span{color:#ef4e41}ul:not(.solid-social-icons) .social-icons-item a:not(:hover){background-color:transparent!important}.solid-social-icons .social-link{background-color:var(--base-color)}.dark-skin .solid-social-icons .social-link{background-color:#27292d;border-color:#27292d}.solid-social-icons .social-link span{color:#fff!important}.theme-notice{background:#fff6ac;padding:10px;color:#000!important;display:block;clear:both}.entry-header{padding:30px 30px 0;margin-bottom:20px}@media (max-width:991px){.entry-header{padding:20px 20px 0}}@media (max-width:767px){.container-wrapper{padding:20px 15px}}.tab-content{padding:30px;display:none}.tab-content{position:relative}@media (max-width:767px){.tab-content{padding:20px}}.tab-content-elements li{opacity:0}.tabs-container-wrapper{padding:0!important}.block-head-1 .the-global-title{position:relative;font-size:17px;padding:0 0 15px;border-bottom:2px solid rgba(0,0,0,.1);margin-bottom:20px}.block-head-1 .the-global-title:after{content:"";background:#2c2f34;width:40px;height:2px;position:absolute;bottom:-2px;left:0}.block-head-1 .the-global-title:before{content:"";width:0;height:0;position:absolute;bottom:-5px;left:0;border-left:0;border-right:5px solid transparent;border-top:5px solid #2c2f34}.block-head-1 .dark-skin .widget-title:after{background:#fff}.block-head-1 .dark-skin .widget-title:before{border-top-color:#fff}.block-head-1 .dark-skin .the-global-title{color:#fff;border-bottom-color:rgba(255,255,255,.1)}.side-aside{position:fixed;top:0;z-index:111;visibility:hidden;width:350px;max-width:100%;height:100%;background:#fff;background-repeat:no-repeat;background-position:center top;background-size:cover;overflow-y:auto}@media (min-width:992px){.side-aside{right:0;-webkit-transform:translate(350px,0);-ms-transform:translate(350px,0);transform:translate(350px,0)}}.site-footer .widget-title-icon{display:none}.dark-skin{--lazyload-loading-color:#161717}.dark-skin{background-color:var(--tie-dark-skin-bg-main,#1f2024);color:#fff}.dark-skin input:not([type=submit]){color:#ccc}.dark-skin a:not(:hover){color:#fff}.dark-skin .post-meta{color:#ccc!important}.dark-skin input:not([type=submit]){border-color:rgba(255,255,255,.1)}.dark-skin .container-wrapper{background-color:var(--tie-dark-skin-bg-main,#1f2024);border-color:rgba(255,255,255,.1)}.dark-skin .widget a:not(:hover),.dark-skin .widget-title{color:#fff}.dark-skin .widget-title-icon{color:#ccc}.sidebar .container-wrapper{margin-bottom:30px}@media (max-width:991px){.sidebar .container-wrapper{margin-bottom:15px}}@media (max-width:991px){.has-sidebar .sidebar{margin-top:15px}}.widget-title{position:relative}.widget-title .the-subtitle{font-size:15px;min-height:15px}.widget-title-icon{position:absolute;right:0;top:1px;color:#b9bec3;font-size:15px}.widget-title-icon:before{content:"\f08d"}.post-widget-body{padding-left:125px}.post-widget-body .post-title{font-size:14px;line-height:1.4;margin-bottom:5px}.post-widget-thumbnail{float:left;margin-right:15px;position:relative}.post-widget-thumbnail img.tie-small-image{width:110px}.widget li{padding:6px 0}.widget li:first-child{padding-top:0}.widget li:last-child{padding-bottom:0;border-bottom:0}.widget li:after{clear:both;display:table;content:""}.widget .post-meta{margin:2px 0 0;font-size:11px;line-height:17px}.widget-content-only{margin-bottom:30px}.posts-list .widget-title-icon:before{content:"\f0f6"}.posts-list-big-first .posts-list-items li:first-child{padding-bottom:20px}.posts-list-big-first li:first-child .post-widget-thumbnail{width:100%;margin-right:0;margin-bottom:10px}.posts-list-big-first li:first-child .post-widget-thumbnail a{min-height:40px}.posts-list-big-first li:first-child .post-widget-body{padding-left:0}.posts-list-big-first li:first-child .post-title{font-size:18px}@media (max-width:991px){.posts-list-big-first .posts-list-items{overflow:hidden}.posts-list-big-first li{width:48%;float:left}.posts-list-big-first li:nth-child(2){padding-top:0}.posts-list-big-first li:nth-child(2n){float:right}.posts-list-big-first li:nth-child(2n+1){clear:both}.posts-list-big-first li:nth-child(2),.posts-list-big-first li:nth-child(3){float:right;clear:none}}@media (max-width:670px){.posts-list-big-first li{width:100%}.posts-list-big-first li:nth-child(2){padding-top:12px}}form.search-form{overflow:auto;position:relative;width:100%;margin-top:10px}.search-field{float:left;width:73%;padding:8px 15px}.search-submit[type=submit]{float:right;padding:10px 5px;margin-left:2%;width:25%}.login-widget .widget-title-icon:before{content:"\f023"}.login-widget form input[type=text],.login-widget form input[type=password]{width:100%;float:none;margin-bottom:15px}.login-widget .pass-container{position:relative}.login-widget .pass-container input[type=password]{padding-right:70px}.login-widget .forget-text{position:absolute;right:15px;line-height:45px;top:0;font-size:12px}.login-widget .forget-text:not(:hover){color:#666}.login-widget .rememberme{display:block;margin-bottom:15px}li.widget-post-list{padding:7px 0;position:relative}.widget_categories .widget-title-icon:before{content:"\f07b"}.widget_nav_menu .widget-title-icon:before{content:"\f0c9"}.stream-item-widget a{display:block}.stream-item-widget img{display:block;margin-right:auto;margin-left:auto;height:auto}.stream-item-widget .stream-item-widget-content{text-align:center}.social-statistics-widget .widget-title-icon:before{content:"\f164"}.social-statistics-widget ul{overflow:hidden}@media only screen and (min-width:768px) and (max-width:991px){.fullwidth-stats-icons{margin-left:-5px;margin-right:-5px}}.social-icons-widget ul{margin:0 -3px}.social-icons-widget .social-icons-item{float:left;margin:3px;border-bottom:0;padding:0}.social-icons-widget .social-icons-item .social-link{width:40px;height:40px;line-height:40px;font-size:18px}@media (max-width:479px){.social-icons-widget .social-icons-item{float:none;display:inline-block}}.widget-posts-list-container{position:relative}@media (min-width:992px){.theme-header .logo-row>div{height:auto!important}}.breaking{float:left;width:100%;display:block!important}.breaking-title{padding:0 10px;display:block;float:left;color:#fff;font-size:12px;position:relative}.breaking-title span{position:relative;z-index:1}.breaking-title span.breaking-icon{display:none}@media (max-width:600px){.breaking-title span.breaking-icon{display:inline-block}.breaking-title .breaking-title-text{display:none}}.breaking-title:before{content:"";background:#f05555;width:100%;height:100%;position:absolute;left:0;top:0;z-index:0}.breaking-news{display:none}#mobile-container{display:none;padding:10px 30px 30px}#mobile-menu{margin-bottom:20px;position:relative;padding-top:15px}#mobile-social-icons{margin-bottom:15px}#mobile-social-icons ul{text-align:center;overflow:hidden}#mobile-social-icons ul .social-icons-item{float:none;display:inline-block}#mobile-social-icons .social-icons-item{margin:0}#mobile-social-icons .social-icons-item .social-link{background:0 0;border:none}#mobile-search .search-form{overflow:hidden;position:relative}#mobile-search .search-form:after{position:absolute;content:"\f002";font-family:'tiefonticon';top:4px;right:10px;line-height:30px;width:30px;font-size:16px;border-radius:50%;text-align:center;color:#fff}#mobile-search .search-field{background-color:rgba(0,0,0,.05);border-color:rgba(255,255,255,.1);color:#fff;width:100%;border-radius:50px;padding:7px 45px 7px 20px}#mobile-search .search-submit{background:0 0;font-size:0;width:35px;height:38px;position:absolute;top:0;right:5px;z-index:1}#mobile-search input::-webkit-input-placeholder{color:rgba(255,255,255,.6)}#mobile-search input::-moz-placeholder{color:rgba(255,255,255,.6)}#mobile-search input:-moz-placeholder{color:rgba(255,255,255,.6)}#mobile-search input:-ms-input-placeholder{color:rgba(255,255,255,.6)}#tie-wrapper:after{position:absolute;z-index:1000;top:-10%;left:-50%;width:0;height:0;background:rgba(0,0,0,.2);content:'';opacity:0}@media (max-width:991px){.side-aside.appear-from-left{left:0;-webkit-transform:translate(-100%,0);-ms-transform:translate(-100%,0);transform:translate(-100%,0)}.side-aside.is-fullwidth{width:100%}}.is-desktop .side-aside .has-custom-scroll{padding:50px 0 0}.side-aside:after{position:absolute;top:0;left:0;width:100%;height:100%;background:rgba(0,0,0,.2);content:'';opacity:1}.side-aside .container-wrapper{padding:30px!important;border-radius:0;border:0;background:0 0;box-shadow:none!important}a.remove{position:absolute;top:0;right:0;display:block;speak:never;-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale;width:20px;height:20px;display:block;line-height:20px;text-align:center;font-size:15px}a.remove:before{content:"\e117";font-family:'tiefonticon';color:#e74c3c}a.remove.big-btn{width:25px;height:25px;line-height:25px;font-size:22px}a.remove.light-btn:not(:hover):before{color:#fff}.side-aside a.remove{z-index:1;top:15px;left:50%;right:auto;-webkit-transform:translateX(-50%);-ms-transform:translateX(-50%);transform:translateX(-50%)}.side-aside a.remove:not(:hover):before{color:#111}.side-aside.dark-skin a.remove:not(:hover):before{color:#fff}.tie-popup a.remove{-webkit-transform:scale(.2);-ms-transform:scale(.2);transform:scale(.2);opacity:0;top:15px;right:15px;z-index:1}.theiaStickySidebar:after{content:"";display:table;clear:both}.side-aside,.has-custom-scroll{overflow-x:hidden;scrollbar-width:thin}.side-aside::-webkit-scrollbar,.has-custom-scroll::-webkit-scrollbar{width:5px}.side-aside::-webkit-scrollbar-track,.has-custom-scroll::-webkit-scrollbar-track{background:0 0}.side-aside::-webkit-scrollbar-thumb,.has-custom-scroll::-webkit-scrollbar-thumb{border-radius:20px;background:rgba(0,0,0,.2)}.dark-skin .has-custom-scroll::-webkit-scrollbar-thumb{background:#000}.tie-popup{position:fixed;z-index:99999;left:0;top:0;height:100%;width:100%;background-color:rgba(0,0,0,.5);display:none;-webkit-perspective:600px;perspective:600px}.tie-popup-container{position:relative;z-index:100;width:90%;max-width:420px;margin:10em auto 0;border-radius:2px;box-shadow:0 0 20px rgba(0,0,0,.2);will-change:transform,opacity;-webkit-transform:scale(.5);-ms-transform:scale(.5);transform:scale(.5);opacity:0}.tie-popup-container .login-submit{padding-top:15px;padding-bottom:15px}.tie-popup-container .container-wrapper{padding:60px;background-color:#fff!important;border-radius:5px}@media (max-width:479px){.tie-popup-container .container-wrapper{padding:30px}}.pop-up-live-search{will-change:transform,opacity;-webkit-transform:scale(.7);-ms-transform:scale(.7);transform:scale(.7);opacity:0}.tie-popup-search-wrap::-webkit-input-placeholder{color:#fff}.tie-popup-search-wrap::-moz-placeholder{color:#fff}.tie-popup-search-wrap:-moz-placeholder{color:#fff}.tie-popup-search-wrap:-ms-input-placeholder{color:#fff}.tie-popup-search-wrap form{position:relative;height:80px;margin-bottom:20px}.popup-search-wrap-inner{position:relative;padding:80px 15px 0;margin:0 auto;max-width:800px}input.tie-popup-search-input{width:100%;height:80px;line-height:80px;background:rgba(0,0,0,.7)!important;font-weight:500;font-size:22px;border:0;padding-right:80px;padding-left:30px;color:#fff;border-radius:5px}button.tie-popup-search-submit{font-size:28px;color:#666;position:absolute;right:5px;top:15px;background:0 0!important}#tie-popup-search-mobile .popup-search-wrap-inner{padding-top:50px}#tie-popup-search-mobile input.tie-popup-search-input{height:50px;line-height:1;padding-left:20px;padding-right:50px}#tie-popup-search-mobile button.tie-popup-search-submit{font-size:16px;top:9px;right:0}#autocomplete-suggestions{overflow:auto;padding:20px;color:#eee;position:absolute;display:none;width:370px;z-index:9999;margin-top:15px}.tie-icon-facebook:before{content:"\f09a"}.tie-icon-search:before{content:"\f002"}.tie-icon-author:before{content:"\f007"}.tie-icon-plus:before{content:"\f067"}.tie-icon-home:before{content:"\f015"}.tie-icon-tags:before{content:"\f02c"}.tie-icon-bookmark:before{content:"\f02e"}.tie-icon-twitter:before{content:"\e90f"}.tie-icon-navicon:before{content:"\f0c9"}.tie-icon-pinterest:before{content:"\f0d2"}.tie-icon-linkedin:before{content:"\f0e1"}.tie-icon-bolt:before{content:"\f0e7"}.tie-icon-youtube:before{content:"\f16a"}.tie-icon-instagram:before{content:"\f16d"}.tie-icon-tumblr:before{content:"\f173"}.tie-icon-reddit:before{content:"\f1a1"}.tie-icon-paper-plane:before{content:"\f1d8"}.tie-icon-whatsapp:before{content:"\f232"}.tie-icon-fire:before{content:"\e900"}.post-content.container-wrapper{padding:0}.entry-header{font-size:45px;line-height:1.2}@media (max-width:767px){.entry-header{font-size:28px}}.entry-header .entry-title{margin-bottom:15px}@media (max-width:767px){.entry-header .entry-title{font-size:28px}}.entry-header .post-cat{margin-bottom:6px}.entry-header .post-meta{overflow:inherit;font-size:12px;margin-top:5px;margin-bottom:0;line-height:24px}.entry-header .post-meta .meta-item{margin-right:12px}.entry-header .post-meta,.entry-header .post-meta a:not(:hover){color:#333}.entry-header .post-meta .meta-author{margin:0}.entry-header .post-meta .meta-author a{font-weight:600}.entry-header .post-meta .author-meta+.date:before{content:"22";color:#ccc;margin:0 3px 0 5px;display:inline-block}.entry-header .post-meta .tie-alignright{display:inline}@media (max-width:767px){.entry-header .post-meta{margin-bottom:-8px}.entry-header .post-meta .tie-alignright{float:none}.entry-header .post-meta .meta-item,.entry-header .post-meta .tie-alignright .meta-item:last-child{margin-bottom:8px!important}.entry-header .post-meta>span,.entry-header .post-meta>div{float:initial!important}.entry-header .post-meta .meta-author a{font-weight:400}.entry-header .meta-author-avatar img{width:20px;height:20px}}.meta-author-avatar img{width:30px;height:30px;margin-right:3px;margin-top:-5px;vertical-align:middle;border-radius:50%}.post-layout-1 .entry-header-outer{padding:30px 30px 20px}@media (max-width:767px){.post-layout-1 .entry-header-outer{padding:20px}}.post-layout-1 .entry-header{padding:0;margin:0}.featured-area{position:relative;margin-bottom:30px;line-height:1}@media (max-width:767px){.featured-area{margin-bottom:20px}}.featured-area img{width:100%}.single-featured-image{position:relative;margin:0;line-height:0}.post-bottom-meta-title{float:left;padding:0 6px;margin:5px 5px 0 0;background:#2c2f34;border:1px solid rgba(0,0,0,.1);border-radius:2px}.post-bottom-meta-title{color:#fff}.post-tags-modern .post-bottom-meta-title{display:none}.share-buttons{padding:18px 28px;line-height:0}@media (max-width:767px){.share-buttons{padding:15px}}@media (min-width:768px){.share-buttons-top{padding-bottom:0}}.entry-header-outer+.share-buttons-top{padding-top:0}.post-layout-1 .share-buttons-top{padding-bottom:18px}.share-buttons-mobile{position:fixed;bottom:0;z-index:999999;width:100%;background:0 0;border:0 none;padding:0}.share-buttons-mobile .share-links a{margin:0;border-radius:0;width:1%;display:table-cell;opacity:1!important}.share-buttons-mobile .share-links a .share-btn-icon{margin:0 auto;float:none}@media (min-width:768px){.share-buttons-mobile{display:none}}.mobile-share-buttons-spacer{height:40px}@media (min-width:768px){.mobile-share-buttons-spacer{display:none}}.share-links a{color:#fff}.share-links{overflow:hidden;position:relative}.share-links .share-btn-icon{font-size:15px}.share-links a{display:inline-block;margin:2px;height:40px;overflow:hidden;position:relative;border-radius:2px;width:40px}.share-links a,.share-links a:before{background-color:#444}.share-links a .share-btn-icon{width:40px;height:40px;float:left;display:block;text-align:center;line-height:40px}.share-links a.facebook-share-btn,.share-links a.facebook-share-btn:before{background:#4080ff}.share-links a.twitter-share-btn,.share-links a.twitter-share-btn:before{background:#000}.share-links a.linkedin-share-btn,.share-links a.linkedin-share-btn:before{background:#238cc8}.share-links a.pinterest-share-btn,.share-links a.pinterest-share-btn:before{background:#e13138}.share-links a.reddit-share-btn,.share-links a.reddit-share-btn:before{background:#ff4500}.share-links a.tumblr-share-btn,.share-links a.tumblr-share-btn:before{background:#35465c}.share-links a.whatsapp-share-btn,.share-links a.whatsapp-share-btn:before{background:#43d854}.share-links a.telegram-share-btn,.share-links a.telegram-share-btn:before{background:#08c}@media (max-width:767px){.social-text{display:none}}@media (min-width:768px){a.whatsapp-share-btn,a.telegram-share-btn{display:none!important}}#cancel-comment-reply-link{float:right;line-height:18px}#reading-position-indicator{display:block;height:5px;position:fixed;bottom:0;left:0;background:var(--brand-color);box-shadow:0 0 10px rgba(0,136,255,.7);width:0;z-index:9999;max-width:100%}#post-extra-info{display:none}:root:root{--brand-color:#0a9e01;--dark-brand-color:#006c00;--bright-color:#fff;--base-color:#2c2f34}#reading-position-indicator{box-shadow:0 0 10px rgba(10,158,1,.7)}:root:root{--brand-color:#0a9e01;--dark-brand-color:#006c00;--bright-color:#fff;--base-color:#2c2f34}#reading-position-indicator{box-shadow:0 0 10px rgba(10,158,1,.7)}#top-nav .breaking-title{color:#fff}#top-nav .breaking-title:before{background-color:#f42}@media (max-width:991px){.side-aside.normal-side{background:#0a9e01;background:-webkit-linear-gradient(135deg,#66a501,#0a9e01);background:-moz-linear-gradient(135deg,#66a501,#0a9e01);background:-o-linear-gradient(135deg,#66a501,#0a9e01);background:linear-gradient(135deg,#0a9e01,#66a501)}}
Serverless Security Considerations: A Beginner's Guide to Staying Safe - Cybertech Updates
{"prompt":"Visualize a vibrant and dynamic abstract artwork that encapsulates key security considerations in a serverless architecture. Imagine swirling patterns of deep blues and luminous whites representing function isolation, interspersed with sharp geometric shapes symbolizing data encryption. Glowing locks in vivid golds and rich greens represent access control, all set against a nebulous cloud-like backdrop. Soft lighting enhances the ethereal feel, creating a sense of depth and intrigue. The overall mood conveys both complexity and security, highlighting the intricate layers of protection in a cloud environment. The design embraces a modern digital aesthetic, reminiscent of contemporary tech-inspired art, integrating a fluidity that suggests seamless operation and robustness within serverless frameworks.\n\nAbstract image representing key serverless security considerations like function isolation, data encryption, and access control locks in a cloud environment.","originalPrompt":"Abstract image representing key serverless security considerations like function isolation, data encryption, and access control locks in a cloud environment.","width":1280,"height":720,"seed":1667153919,"model":"flux","enhance":false,"nologo":true,"negative_prompt":"worst quality, blurry","nofeed":false,"safe":false,"isMature":false,"isChild":false} So, you’re diving into the world of serverless computing? Welcome! It’s an exciting space offering scalability, cost-efficiency, and reduced operational overhead. However, as you embrace Function-as-a-Service (FaaS) and other serverless offerings, it’s crucial to understand the unique security landscape. Ignoring **serverless security considerations** can expose your applications and data to significant risks. This guide is designed for beginners to navigate the essential security aspects you need to know.
Serverless doesn’t mean *no* servers; it means you don’t *manage* them. The cloud provider handles the underlying infrastructure, patching, and OS maintenance. This shifts your security focus away from traditional server hardening towards securing your code, configurations, and data flows. Understanding this shift is the first step in building secure serverless applications.
[Hint: Insert image/video explaining the shared responsibility model in serverless here]
Why Are Serverless Security Considerations Different? Traditional security often relies on network perimeters and securing hosts. In serverless, the execution environment is ephemeral, functions are often internet-accessible via triggers (like API Gateways), and the attack surface changes. Key differences include:
No Server Management: Forget traditional endpoint security tools. Your focus must be on application-level and configuration security.Ephemeral Execution: Functions spin up, run, and spin down quickly. This demands real-time monitoring and logging, as post-incident forensics on a non-existent environment is impossible.Granular Components: Applications are broken down into small, independent functions. While this can limit the blast radius of a compromise, it also means more potential entry points to secure.Shared Responsibility Model: The cloud provider secures the infrastructure, but *you* are responsible for securing your function code, dependencies, data, and IAM configurations. If you want to learn more about the basics, check out our guide on what serverless computing is .Key Serverless Security Risks for Beginners Understanding potential threats is vital. Here are some common **serverless security considerations** regarding risks you might encounter:
1. Inadequate Access Controls (Over-privileged Functions) It’s tempting to give functions broad permissions for simplicity, but this is dangerous. If a function with excessive permissions (e.g., full database access when it only needs to read one table) is compromised, the attacker gains those broad permissions too. This violates the principle of least privilege.
2. Data Exposure and Insecure Storage Misconfiguring cloud storage (like AWS S3 buckets) or failing to encrypt sensitive data both at rest and in transit can lead to severe data breaches. Sensitive information in logs or insecurely passed between functions also poses a risk.
3. Insecure Authentication and Authorization Functions triggered via APIs need robust authentication and authorization. Missing or weak checks on API Gateways or function URLs can allow unauthenticated access or permit users to access data they shouldn’t.
4. Vulnerable Function Dependencies Serverless functions often rely on third-party libraries and packages. If these dependencies contain known vulnerabilities (like those listed in the OWASP Serverless Top 10 ), your function inherits those risks. Keeping track of and updating dependencies is critical.
5. Function-Level Security Gaps Each function can be an entry point. Without proper input validation, functions can be vulnerable to injection attacks (e.g., SQL injection, command injection) if they process external data unsafely.
6. Runtime Threats Malicious code or poorly written functions can lead to denial-of-service (DoS) through infinite loops, excessive resource consumption (memory leaks), or denial-of-wallet attacks by exploiting delayed timeouts or inefficient scaling.
Essential Serverless Security Best Practices Now for the good news! You can mitigate these risks by implementing security best practices from the start. Focus on these core **serverless security considerations**:
1. Use API Gateways as Security Buffers Don’t expose functions directly. Place an API Gateway in front of them to handle authentication (e.g., using JWTs, API keys, or IAM), authorization, rate limiting (to prevent DoS), and input validation before requests even reach your function code.
2. Enforce the Principle of Least Privilege This is paramount. Configure granular IAM roles for each function, granting *only* the permissions necessary for it to perform its specific task. Avoid wildcard permissions. Regularly review and trim unnecessary access.
3. Secure Data at Rest and In Transit Always enable encryption for data stored in cloud services (like S3, DynamoDB). Use HTTPS for all API endpoints to encrypt data in transit. Be mindful of sensitive data in function logs – scrub or avoid logging it altogether.
4. Implement Robust Monitoring and Logging Configure detailed logging for your functions and API Gateways. Use cloud monitoring tools (like AWS CloudWatch, Azure Monitor, Google Cloud Logging) to track function invocations, duration, errors, and resource usage. Set up alerts for anomalies or specific error patterns that could indicate an attack.
5. Manage Dependencies Securely Regularly scan your function code and dependencies for known vulnerabilities using Software Composition Analysis (SCA) tools. Keep libraries updated and remove unused dependencies to minimize the attack surface.
6. Configure Function Timeouts and Memory Limits Set reasonable execution timeouts for your functions to prevent runaway code from causing DoS or incurring excessive costs. Allocate appropriate memory, but avoid over-provisioning unless necessary.
7. Automate Security Checks Integrate security checks into your CI/CD pipeline. Use static analysis security testing (SAST) tools to scan code for vulnerabilities before deployment. Employ Cloud Security Posture Management (CSPM) tools to continuously monitor your cloud environment for misconfigurations.
[Hint: Insert diagram illustrating best practices like API Gateway -> Function -> Secure DB with IAM roles]
Getting Started: Practical Steps for Beginners Feeling overwhelmed? Start small:
Focus on IAM: Master the Principle of Least Privilege first. This alone significantly reduces risk.Secure your API Gateway: Learn how to configure authentication and basic input validation.Scan Dependencies: Use tools like `npm audit` (for Node.js) or equivalent tools for your runtime to check for vulnerable packages.Enable Logging: Ensure you have basic logging enabled for all functions.Conclusion Serverless computing offers immense benefits, but security cannot be an afterthought. By understanding the unique challenges and proactively implementing fundamental **serverless security considerations** and best practices like least privilege, API gateway security, data encryption, diligent monitoring, and dependency management, even beginners can build more secure and resilient serverless applications. Start incorporating these practices early in your development lifecycle to protect your functions and data effectively.
Back to top button