Serverless Security Explained

As the cloud ecosystem has developed and expanded, so have the ways in which users utilize their services in line with their operational and financial requirements as they seek out new ways to maximize the flexibility of the cloud environment. One such example is in the growth of serverless computing, which has generally been shortened to simply “serverless” for those who use it.

This form of popular cloud computing is being adopted by many organizations who are seeking to be more nimble and cost-effective. However, as organizations begin or continue to integrate serverless into their operations, they will need to think more seriously about how they practice serverless security if they hope to use it responsibly

What is Serverless?

Serverless is the natural progression of cloud computing wherein organizations make use of a cloud provider’s rackspace in order to scale up their computing power. Essentially, the idea is that not all functions for an application are needed all the time, so why should you have to pay rent for a server that isn’t being constantly used? 

This makes sense when we think about it since we basically have a need for some of these services such as logic, databases, authentication, and others for short and specified activities like when a user makes a request to our web application. We are essentially using our serverless services for carrying out a range of functions, leading many to refer to serverless also as Function as a Service (FaaS), further adding to the (X)aaS alphabet soup. We invite you to kill a few minutes with your colleagues coming up with your own “X as a Service” combinations. C’mon, you know you want to. Alternatively, see how many you can name. (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – WhiteSource authored by Gabriel Avner. Read the original post at: https://resources.whitesourcesoftware.com/blog-whitesource/serverless-security-explained

Gabriel Avner

Gabriel Avner

Gabriel is a former journalist who loves learning and writing about the cat and mouse game of security. These days he writes for WhiteSource about the issues impacting open source security and license management and training Brazilian Jiu-Jitsu.

gabriel-avner has 30 posts and counting.See all posts by gabriel-avner