I am all for 'Serverless' Architecture – but what about the security aspect?
Serverless is becoming the rage. Many Stickman clients are on the journey already or are planning Serverless Apps.
Serverless Architectures allow apps to scale according to the cloud workload flow. From a dev standpoint, serverless architectures focus on core functionality and disregard underlying constraints (OS, Runtime, Storage etc.). Serverless allows developers to focus on business logic – not worry about complex server infrastructures.
I am all for Serverless. The benefits are obvious – Auto-Scaling, No admin, Pay per use. Makes complete sense.
However, the security angle is not being discussed as much as it should be. When you go serverless, the cloud provider secures the cloud components. However, the developer is still responsible for app logic, code, data, and app-layer configurations. Serverless apps present new opportunities for hackers and new challenges for companies.
How are you going about your Serverless journey? Have you embarked? Are you embarking? Are you in planning stages? Is security deeply baked into your serverless strategy?