Serverless security: protect functions using the CLAD security model


Bibliographic Details
Main Authors: Podjarny, Guy; Ṭal, Liran (Author)
Format: eBook
Language: English
Published: Sebastopol, CA: O'Reilly Media, Inc., 2019
Edition: First edition
Collection: O'Reilly - Collection details see MPG.ReNa
Description
Summary: Serverless is taking the cloud native world by storm. This new approach promises extraordinary value, from increased developer productivity to dramatic cost savings. In some aspects, serverless also boasts significant security advantages compared to the server model. But as this practical report explains, securing serverless still requires diligence from the developers and application security professionals involved in the process. Guy Podjarny and Liran Tal from Snyk examine the significant benefits that serverless brings to application security, as well as the considerable risks involved when you configure a serverless system. You'll also learn a platform-agnostic security model known as CLAD that will help you address Code vulnerabilities, Library vulnerabilities, Access and permissions, and Data security. This report helps you: understand what serverless is and how this model evolved from cloud native processes; explore the three primary areas where serverless improves security; learn how the CLAD model provides four categories to help you home in on specific security issues; and follow a detailed example that demonstrates how poor security manifests in real-world serverless applications.
Physical Description: 1 volume, illustrations