Serverless applications are based on a microservices-oriented system design, often consisting of several services, each with distinct functions that are composed and orchestrated to deliver specific functionality. The architecture allows firms to build and deploy software applications without consideration towards provisioning or maintaining the underlying infrastructure. The novelty of the architecture and its inherent characteristics present new challenges for cybersecurity. We discuss the security imperatives of this emerging cloud computing software paradigm. We then identify some of the approaches and practices that can be used by organizations to mitigate security threats in the context of serverless computing.
Patnayakuni, Ravi and Patnayakuni, Nainika, "Securing Serverless Computing" (2018). WISP 2018 Proceedings. 15.