Building your application on a FaaS

[relemedf5w023]

Disadvantages and security issues of FaaS
Although serverless environments have great benefits, it is important to consider the disadvantages before using this model. Here are some common disadvantages of serverless/FaaS environments:

provider lock-in: platform can force you to rely on its vendor and make it difficult to switch to another one;
Cold start. FaaS runtimes are not idle. Sometimes there is a delay in executing a function that can negatively impact your application;
Short lifespan. FaaS is designed to scale up and down in response to load, which provides excellent cost savings. However, it is not designed for long-running processes, so it does not provide the same cost benefits for them;
Security issues. The FaaS environments of the bahamas whatsapp data largest providers are targets for attacks. Most recently, attackers exploited an Azure Functions vulnerability to escalate their privileges and escape from the Docker container running the code to the Docker host.
FaaS environments are not without their own security vulnerabilities. As mentioned, FaaS frees organizations from the burden of OS patching. Since the OS is inaccessible, attackers will shift their focus to areas that remain unprotected, with the application itself being the primary target. Given this approach, consider the following data-related security concerns to consider when moving to a serverless environment:

Expanded attack surface. Serverless functions consume data from a variety of event-driven sources, such as APIs, message queues, cloud storage, etc. The attack surface of a software environment consists of all the points through which an unauthorized user can enter or extract data. Serverless systems are made up of a large number of components. New entry points for attackers and unauthorized users are added with each new tool, service, or platform integrated into the ecosystem. Every time your architecture scales and shrinks, the attack surface changes. Each of these different types of sources may contain untrusted or attacker-controlled inputs.
Stateless Server Security: Even though functions are stateless, application logic often requires data. In a stateful application, this information remains on the machine handling the request, sometimes even in memory and on disk. However, a stateless function uses external storage across all calls to persist the data. The performance implications of not having the data on the same machine are usually small, but storing sensitive data off the server has significant security implications. Data is at risk in two situations: while it is in transit, and when the data store is compromised. Simply put, data stored off the machine is at greater risk than data stored on the machine.