The idea of ‘serverless’ is NOT about removing the servers completely (or you couldn’t use the internet at all), but essentially paying for services that mean that someone else manages the servers for you, thereby reducing maintenance load…
Not having access to the server can make things harder, but not impossible. And it’s not necessarily wrong, just different.
And the same applies to securing serverless apps. In some ways, it’s easier than securing traditional web apps. In other ways, it’s harder. And in yet other ways, it’s merely different.
In this post, we’ll summarize these key differences and help you secure serverless apps.