Cloud functions present new security challenges

Serverless apps are deployed over a cloud platform and are designed to use only the amount of computing resources needed to carry out a task. They come into play when needed, and then go away when the task completes. This is great if you’re looking to maximize performance and minimize overhead in a cloud environment. Because they are small, fast and have short lifespans, however, serverless apps pose challenges to security teams.

The cybersecurity industry is still trying to come to grips with containers, those small, easy-to-deploy, pre-built little bundles of applications. Since many containers can run in a single virtual machine, each isolated from the rest, they are cheaper and more flexible than previous application deployment options.

Containers have got nothing on serverless apps, also known as cloud functions or, on Amazon, as Lambda functions. First released by Amazon and IBM in 2014 — and then by Google and Microsoft in 2016 — cloud functions are even smaller, even lighter, and even shorter lived. They’re even harder to secure.

At least with containers, there’s room in the container for the main application, plus some security software such as logging or malware protection tools. With cloud functions, there is only that one function and no room for anything else. Any smaller, we’ll just be running single lines of code in the cloud.

Read full article at CSO.