CloudAcademy
menu
  1. Home
  2. Content Library
  3. Amazon Web Services
  4. Courses
  5. Serverless Security: Comparing FaaS to IaaS

Introduction

The course is part of these learning paths

Serverless Computing on AWS for Developers

course-steps 11 certification 1 lab-steps 8

Getting Started with Serverless Computing on AWS

course-steps 7 certification 1 lab-steps 9

Contents

keyboard_tab
Introduction
1
Introduction3m 36s
FaaS & IaaS
2
Reducing Security Threats with Serverless9m 58s
3
Downfalls of Serverless Security5m 51s
4
Common FaaS & IaaS Security Concerns4m 22s
5
OWASP & Serverless Application Security5m 55s
Summary
6
Summary3m 57s
play-arrow
Start course
Overview
Transcript
DifficultyIntermediate
Duration34m
Students146

Description

Course Description

As more and more organization are moving towards a serverless or Function as a Service (FaaS) architecture and framework, understanding how this affects security is essential.  There are both pros and cons to implementing a serverless solution from a security perspective.  This course will look at both the benefits and the negatives when adopting a FaaS solution and how this affects the safeguarding of your data.  
 
Most people have a deeper understanding of IaaS security, but some of the secure methods used within IaaS are not required within FaaS and vice versa.  There are also a number of security threats and concerns which affect both FaaS and IaaS architectures which will also be discussed.  
 
Towards the end of the course, it explains how serverless is impacted by the OWASP (Open Web Application Security Project) top 10 list of vulnerabilities.

Learning Objectives

By the end of this course, you will

  • Understand and be able to distinguish between the pros and cons of serverless security
  • Understand where to focus additional security controls in a FaaS solution
  • Have a general overview of how security differs to that of a typical IaaS solution

Intended Audience

This content in this course would be beneficial to:

  • Engineers who are focused on delivering secure serverless solutions within an enterprise environment
  • Security architects looking to enhance their knowledge of FaaS solutions
  • Developers deploying applications within a serverless environment

Prerequisites

As a prerequisite of this course you should have a basic knowledge and awareness of the following:

  • A general understanding of what Serverless means
  • Understand what FaaS and IaaS relates to
  • A basic awareness of different attack vectors, such as DoS
  • AWS Lambda
  • Amazon Cognito
  • Amazon API Gateway
  • Security controls within IAM

This course includes

6 lectures

Feedback

If you have thoughts or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

About the Author

Stuart Scott

AWS Content Lead
Students36437
Labs1
Courses40
Learning paths16

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to more recently cloud architecture and implementation.

He is a Certified Data Centre Design Professional (CDCDP), with his latest achievements gained within the Amazon Web Services (AWS) field.

He currently holds the AWS Certified Solutions Architect - Associate certification as well as accreditations as an AWS Business and Technology Professional and in TCO and Cloud Economics.

In January 2016 Stuart was awarded 'Expert of the Year Award 2015' from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.