Over the course of a few years, enterprises have been exploring serverless technology
for application development, system automation and a host of other use cases. After ini-
tial research and experimentation on smaller projects, companies are now realizing the
viability of the serverless model for their core, business-critical workloads. Serverless
technology is being adopted by enterprises at a rapid rate. According to surveys con-
ducted by serverless.com, “67% of enterprise respondents said that serverless was
either ‘critical’ or ‘important’ for the work they did at their jobs.” Sumo Logic says that
the adoption of serverless architecture continues to grow among their customers,
reporting, “one in three enterprises use AWS Lambda technologies.”
One of the foremost drivers for this adoption is the economic savings derived from the
consumption-based pay model. Other business benefits afforded by serverless archi-
tectures include reduced operational overhead and faster time to market. Serverless
architectures take full advantage of the managed platform services, eliminating the cost
and overhead associated with operating infrastructure components within classic cloud
application models. (Yes, we now call non-serverless applications “classic”!) Simply put,
serverless allows companies to get to their business value faster, with less time spent on
“plumbing” and more on core business functionality.
But — there is always a “but” — with all these savings and productivity gains come a
new challenge: how to secure those serverless applications. The technology is relatively
new, the architecture has its own nuances and complexities and, if adoption is not prop-
erly managed, sprawl can become an issue and security may suffer.
Challenges to serverless security range from the increased attack surface to the com-
plexity of the attack, to the overall intricacy of the system itself. Also, as we will discuss
further, some traditional security controls simply are not applicable or suitable for
serverless. Do not panic — we can get through this!
SUMMER 2019 | THE DOPPLER | 75