Chapter 5. Summary

Serverless architecture and Functions as a Service introduce new paradigms for application development, one of which is security and its impact, for better and worse, on serverless applications. Although serverless moves some of the responsibility to the platform’s responsibility, this new paradigm requires us to adopt security practices that are adequate to this technological shift and zoom in on the areas of security concerns that are solely our responsibility.

As the growth of adoption increase for the cloud-native world and serverless architecture in specific, new tools, services and patterns emerge for which we need to address security concerns.

In this book, we provided a technology-agnostic security model that will serve useful as this technological space matures. We reviewed the following recommended security model for dealing with serverless functions security presented as a set of CLAD categories:

  • Code vulnerabilities

  • Libraries vulnerabilities

  • Access and permissions

  • Data security and privacy

Code vulnerabilities accounts for the risk of introducing these in your own application or function’s code and it complements library vulnerabilities, which you risk by introducing third-party dependencies that your serverless application uses and might be found vulnerable. Whereas serverless takes a lot of the responsibility from the application owner, such as managing the actual underlying servers, it still requires a fair bit of configuration—this ...

Get Serverless Security now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.