EXECUTIVE SUMMARY:

If you are an advocate of serverless, then it should come as no surprise that serverless application architectures actually improve security. But maintaining control and security may require a shift in your thinking. In this blog post, we present serverless security best practices.

Your Apps Just Went Serverless. Your Traditional Security Best Practices No Longer Apply. Now What?!

1. Map Your App

With serverless apps composed of hundreds of functions, you must have a complete picture of the application in order to understand your potential risk. Code reveals your business processes, which could be sensitive. Consider:

  • What data is involved in your app, and how sensitive is it?
  • What is the value of that data, i.e. what is the impact if this data is exfiltrated in a breach?
  • What are the services (APIs) that access the data?

As your app grows, this map can be challenging to maintain. Consider services that help you fortify your entire application supply chain.

2. Apply Perimeter Security at The Function Level

The fragmentation of your application into smaller, callable components, coupled with the use of triggers from diverse sources (such as storage, message queues, and databases), means attackers have more targets and more attack vectors.

Using your WAF and API Gateway may be acceptable as a broad security control, but implementing security controls at the perimeter of the function or workload is a better practice.

3. Create Suitable, Minimal Roles for Each Function

Serverless can substantially increase the number of resources that can act and be acted upon. You must consider the policies governing the interaction between hundreds of resources, with hundreds of possible permissions in each direction.

Spend time creating suitable, minimal access roles for each of your functions. Additionally, ensure that each of your functions executes with the smallest viable set of privileges: start narrow, and only widen privileges as needed, to minimize the impact. Assess these privileges continuously, and implement auto-remediation to correct any privileges that drift outside of policy. In serverless, things that were once well configured can suddenly be sub-optimal, as others might have changed a role, policy, or function in a way that makes some other part of your application vulnerable.
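One way to run the privilege assessment described above, as an added example that is not part of the original post: it compares a function's deployed policy with an approved baseline and reports wildcard grants and drift. It assumes AWS-style IAM policy JSON; the function name, bucket names and both sample policies are constructed.

```python
import fnmatch

# Constructed sample data for a hypothetical function "resize-image":
# the approved baseline policy and the policy currently deployed.
BASELINE = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject"],
     "Resource": "arn:aws:s3:::uploads-example/*"},
    {"Effect": "Allow", "Action": "s3:PutObject",
     "Resource": "arn:aws:s3:::thumbs-example/*"},
]}
CURRENT = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:GetObject", "s3:DeleteObject"],
     "Resource": "arn:aws:s3:::uploads-example/*"},
    {"Effect": "Allow", "Action": "s3:*", "Resource": "*"},
]}

def as_list(value):
    # IAM allows a single string or a list for Action/Resource/Statement.
    return value if isinstance(value, list) else [value]

def grants(policy):
    """Flatten Allow statements into a set of (action, resource) pairs."""
    pairs = set()
    for stmt in as_list(policy.get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for action in as_list(stmt.get("Action", [])):
            for resource in as_list(stmt.get("Resource", [])):
                pairs.add((action, resource))
    return pairs

def covered(action, resource, approved):
    """True if some approved grant (which may use wildcards) matches this pair."""
    return any(fnmatch.fnmatchcase(action.lower(), a.lower())
               and fnmatch.fnmatchcase(resource, r) for a, r in approved)

def audit(baseline, current):
    """Return findings: wildcard grants and grants outside the baseline."""
    approved, findings = grants(baseline), []
    for action, resource in sorted(grants(current)):
        if "*" in action or resource == "*":
            findings.append(("WILDCARD", action, resource))
        if not covered(action, resource, approved):
            findings.append(("DRIFT", action, resource))
    return findings

if __name__ == "__main__":
    for finding in audit(BASELINE, CURRENT):
        print(*finding)
```

Deny statements, NotAction and Condition blocks are not evaluated here, so treat the output as a first-pass signal to feed review or remediation rather than a full policy evaluation.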
