Serverless Security: What’s Left to Protect?

Key Takeaways
FaaS takes on the responsibility for “patching” the underlying servers, freeing you from OS patching.
Denial of Service (DoS) attacks are naturally thwarted by the (presumed) infinite capacity serverless offers.
With serverless, we deploy many small functions that can have their own permissions. However, managing granular permissions for hundreds or thousands of functions is very hard to do.
Since the OS is unreachable, attackers will shift their attention to the areas that remain exposed – and first amongst those would be the application itself.
Known vulnerabilities in application libraries are just as risky as those in the server dependencies, and the responsibility for addressing vulnerable app libraries falls to you – the function developer.

Serverless is an exciting development in the modern infrastructure world. It brings with it the promise of dramatically reduced system costs, simpler and cheaper total cost of ownership, and highly elastic systems that can seamlessly scale to what old-timers


Original URL: http://feedproxy.google.com/~r/feedsapi/BwPx/~3/M-xJt0g509E/serverless-security
