The attraction to serverless functions is making developers very happy. Considered a microservice, serverless functions enable a modular design where event-driven independent pieces of code work together within a narrow functional scope. For developers, using serverless functions eliminates or lessens the hands-on infrastructure effort needed to configure and manage physical or virtual servers, networks, or runtime environments.
Its benefits are profound for IT and business leaders: reducing operational costs through a pay-per-use model, cutting costs associated with legacy systems, and bringing new software innovations and updates to market faster. While still a maturing methodology, serverless functions leverage the best of cloud computing and cloud-native applications.
Are Serverless Functions Secure?
There are two sides to answering this question. On the one hand, serverless functions have built-in security because many organizations look to their cloud service provider to undertake security responsibilities. Therefore, developers don’t have to worry about security for any underlying infrastructure.
On the other hand, serverless functions attract new attack vectors along with well-known threat strategies. And, because there aren’t traditional network-based tools or infrastructure security in place, other security vulnerabilities emerge.
Serverless Security Addresses the Top Three Threats and More
The ability to deploy enterprise-grade web applications on serverless platforms does come with security risks. The top threats to a serverless cloud infrastructure are identity and access management (IAM), maintaining appropriate permissions, and ensuring robust code. What can seem like a prudent serverless practice can increase security risks.
Inappropriate access and excessive permissions
Unnecessary permissions are one lever an attacker uses most often to gain and maximize access. Maintaining least-privileged access restricts entrée only to required data and functionality. This can be achieved by adopting a one-to-one relationship between each role and function. Fine-tuning permission levels and using execution roles for functions help secure all credentials, particularly those that are privileged.
Lack of code integrity
Serverless functions still execute code. And, if the software code doesn’t adhere to security best practices, it increases vulnerabilities. Part of maintaining code integrity is conducting continuous vulnerability scans.
Protecting code from errors and minimizing the attack surface can be achieved through scanning the serverless functions and prioritizing mitigation based on risk scores. Additionally, scanning can look for vulnerabilities created through third-party dependencies, as well as configuration errors.
Top ten serverless security risks
The OWASP® Foundation published their top ten risks to the serverless environment in 2017, and they hold today. Their report identifies weaknesses, possible impacts, and prevention guidance for the most prevalent serverless security threats like broken authentication, sensitive data exposure, security misconfiguration, and third-party dependencies.
Assessing Internal and External Adversaries
Research conducted by a team of international cybersecurity experts was published in the October 2022 issue of the Journal of Cloud Computing. Their study highlighted the importance of designing a secure serverless ecosystem that considers the security provided by each component as well as their interplay. Because serverless platforms are “complex and dynamic ecosystems with many distinct components,” it’s critical to understand internal and external adversaries.
External adversaries attack from outside the cloud, leveraging user-controlled input fields in existing APIs that handle trigger events. They may run random commands inside the function or interfere with function execution, for example. Injection attacks are well-known, but in a serverless environment, the attack source can be varied and broad.
Internal adversaries have complete control of one or more functions. They attack from inside the cloud environment by deploying malicious processes.
Maximizing Serverless Functions Requires Appropriate Serverless Security
Despite these new attack vectors, serverless functions are still attractive because they are stateless, embody small code, and are transitory. These characteristics make serverless security easier, enabling a development team to reap all the benefits of serverless functions while mitigating the risks of new threats. When an organizations has tools in place to continuously scan for vulnerabilities, deploy best practices consistently, and use score-based mitigation, software engineers can focus on what they do best.
Serverless Functions Can Be Secured with Panoptica
Cisco’s Emerging Technologies and Incubation (ET&I) team is paving the way with “DevOps-friendly” cloud-native security solutions that fundamentally simplify conventional offerings. Built from the ground up to meet the needs of mission-critical modern applications, our Panoptica solution simplifies cloud-native application security making it easy to embed into the software development lifecycle. Panoptica protects the full application stack from code to runtime by scanning for security vulnerabilities in the cloud infrastructure, microservices (Containers or Serverless), the software bill of materials, and the interconnecting APIs. And best of all, it integrates with the tools that your application development and SecOps teams are already using.