0PricingLogin
Secure Coding & OWASP Top 10 for Backend · Lesson

Serverless Security Best Practices

Address the unique security considerations of serverless architectures, covering function permissions, event source security, and cold start vulnerabilities.

Welcome to Serverless Security

Serverless architectures let you build and run applications without managing servers. This means less operational overhead, but it also shifts some security responsibilities.

Instead of securing entire servers, you focus on individual functions, their data, and how they interact.

The Shared Responsibility Model

In serverless, security is a shared effort:

  • Cloud Provider (e.g., AWS, Azure): Secures the underlying infrastructure, compute, network, and physical facilities.
  • You: Are responsible for securing your code, configuration, data, access control, and network settings within your functions.

Understanding this split is key to effective serverless security.

All lessons in this course

  1. Secure Cloud Deployment (AWS/Azure/GCP)
  2. Container Security (Docker/Kubernetes)
  3. Serverless Security Best Practices
  4. Infrastructure as Code Security
← Back to Secure Coding & OWASP Top 10 for Backend