The Serverless Security Shift

Lori Mac Vittie writes for Network Computing, describing why serverless security doesn't have to be a struggle if you pay attention to the apps and focus on securing them.
July 18, 2019
1 min. read

Security in the cloud has always followed a shared responsibility model. What the provider manages, the provider secures. What the customer deploys, the customer secures. Generally speaking, if you have no control over it in the cloud, then the onus of securing it is on the provider.

Serverless, which is kind of like a SaaS-hosted PaaS (if that even makes sense), extends that model to reach higher in the stack. That extension leaves the provider with most of the responsibility for security with very little left for the customer.

The problem is that the 'very little left' actually carries the bulk of risk, especially when we consider Function as a Service (FaaS).

Read the full article published May 23, 2019 here: by Network Computing.

Join the Discussion
Authors & Contributors
Lori Mac Vittie (Author)
Prinicipal Technical Evangelist

More from Learning Center

Forward and Reverse Shells
Forward and Reverse Shells
09/15/2023 article 5 min. read
Web Shells: Understanding Attackers’ Tools and Techniques
Web Shells: Understanding Attackers’ Tools and Techniques
07/06/2023 article 6 min. read
What Is Zero Trust Architecture (ZTA)?
What Is Zero Trust Architecture (ZTA)?
07/05/2022 article 13 min. read