1. Home
  2. Training Library
  3. Amazon Web Services
  4. Courses
  5. Serverless Security: Comparing FaaS to IaaS

Introduction

The course is part of these learning paths

Serverless Computing on AWS for Developers
course-steps 12 certification 1 lab-steps 8
Getting Started with Serverless Computing on AWS
course-steps 8 certification 1 lab-steps 9
play-arrow
Introduction
Overview
Transcript
DifficultyIntermediate
Duration34m
Students372
Ratings
5/5
star star star star star

Description

Course Description

As more and more organization are moving towards a serverless or Function as a Service (FaaS) architecture and framework, understanding how this affects security is essential.  There are both pros and cons to implementing a serverless solution from a security perspective.  This course will look at both the benefits and the negatives when adopting a FaaS solution and how this affects the safeguarding of your data.  
 
Most people have a deeper understanding of IaaS security, but some of the secure methods used within IaaS are not required within FaaS and vice versa.  There are also a number of security threats and concerns which affect both FaaS and IaaS architectures which will also be discussed.  
 
Towards the end of the course, it explains how serverless is impacted by the OWASP (Open Web Application Security Project) top 10 list of vulnerabilities.

Learning Objectives

By the end of this course, you will

  • Understand and be able to distinguish between the pros and cons of serverless security
  • Understand where to focus additional security controls in a FaaS solution
  • Have a general overview of how security differs to that of a typical IaaS solution

Intended Audience

This content in this course would be beneficial to:

  • Engineers who are focused on delivering secure serverless solutions within an enterprise environment
  • Security architects looking to enhance their knowledge of FaaS solutions
  • Developers deploying applications within a serverless environment

Prerequisites

As a prerequisite of this course you should have a basic knowledge and awareness of the following:

  • A general understanding of what Serverless means
  • Understand what FaaS and IaaS relates to
  • A basic awareness of different attack vectors, such as DoS
  • AWS Lambda
  • Amazon Cognito
  • Amazon API Gateway
  • Security controls within IAM

This course includes

6 lectures

Feedback

If you have thoughts or suggestions for this course, please contact Cloud Academy at support@cloudacademy.com.

About the Author

Students58527
Labs1
Courses55
Learning paths39

Stuart has been working within the IT industry for two decades covering a huge range of topic areas and technologies, from data centre and network infrastructure design, to cloud architecture and implementation.

To date, Stuart has created 50+ courses relating to Cloud, most within the AWS category with a heavy focus on security and compliance

He is AWS certified and accredited in addition to being a published author covering topics across the AWS landscape.

In January 2016 Stuart was awarded ‘Expert of the Year Award 2015’ from Experts Exchange for his knowledge share within cloud services to the community.

Stuart enjoys writing about cloud technologies and you will find many of his articles within our blog pages.

Transcript

Hello and welcome to this course. I'm going to be focusing on how security around serverless and Function as a Service architectures compares to that of Infrastructure as a Service security. I will be examining the differences and similarities between them to understand where a serverless environment makes security easy to manage and where it makes it harder to address security concerns and issues. 

Before we start, I would like to introduce myself. My name is Stuart Scott. I am one of the trainers here at Cloud Academy, specializing in AWS, Amazon Web Services. Feel free to connect with me with any questions using the details shown on the screen. Alternatively, you can always get in touch with us here at Cloud Academy by sending an email to support@cloudacademy.com where one of our Cloud experts will reply to your question. 

The content within this course will be beneficial to engineers who are focused on delivering secure serverless solutions within an enterprise environment. Security architects looking to enhance their knowledge of FaaS solutions and developers deploying applications within a serverless environment. 

This course is comprised of the following lectures, starting with reducing security threats with serverless. This lecture focuses on how a serverless solution can bring security benefits by design. Downfalls of security with serverless and this lecture focuses on the opposite of the previous lecture. And so here I'll be talking about how a serverless solution can make some elements of security more difficult. Common Function as a Service and Infrastructure as a Service Security concerns and this lecture highlights different security concerns that exist in both an IaaS and FaaS solution. OWASP and Serverless Application Security. In this lecture, I focus on application security and how serverless solutions need to mitigate against common attack vectors outlined in the OWASP top 10 list. And finally the course summary. And this lecture summarizes the key points from each of the previous lectures. 

By the end of this course, you will understand and be able to distinguish between the pros and cons of serverless security. You'll understand where to focus additional security controls in a FaaS solution and have a general overview of how security differs to that of a typical Infrastructure as a Service solution. 

As a pre-requisite of this course, you should have a basic knowledge and awareness of the following. A general understanding of what serverless means, understand what FaaS and IaaS relates to, a basic awareness of different attack vectors such as denial of service, AWS Lambda, Amazon Cognito, Amazon API Gateway, and security controls within IAM. If you want to find out additional information about any of these points, then feel free to search our library to look at the following content. We have a learning path entitled Getting Started with Serverless Computing. We have a number of courses, Introduction to Amazon API Gateway, an Overview of IAM and an Introduction to the Web Application Firewall. And we also have a couple of labs, Manage Authentication with Amazon Cognito and Introduction to AWS Lambda. 

Feedback on our courses here at Cloud Academy are valuable to both us as trainers and any students looking to take the same course in the future. If you have any feedback, positive or negative, it would be greatly appreciated if you can contact support@cloudacademy.com. 

That brings me to the end of this lecture. Coming up next, I want to start off by looking at how serverless solutions offer security benefits over that of Infrastructure as a Service.