cloud-security

Serverless Security

Definition

Serverless security addresses the unique risks of Function-as-a-Service (FaaS) platforms like AWS Lambda, Azure Functions, and Google Cloud Functions. The serverless model eliminates OS and infrastructure management but introduces risks including overly broad IAM execution roles, event injection via triggers (API Gateway, S3, SQS), vulnerable dependencies packaged with functions, and insecure handling of secrets in environment variables.

Runtime application self-protection (RASP) and CWPP tools adapted for serverless provide runtime visibility.

Related Terms

Lambda Security

AWS Lambda Security

CWPP

Cloud Workload Protection Platform

RASP

Runtime Application Self-Protection

← Back to Glossary

Ship secure code faster

Crash Override integrates security into the developer workflow. No context switching, no waiting on reviews.

Talk to a Human See the Product