Security News > 2021 > December > You may have cracked serverless development, but it’s almost certain you haven’t solved serverless security

Serverless is revolutionizing software development, allowing organizations to produce applications which consume cloud resources only when they need to.

So it might come as a shock that while 70 per cent of respondents to the State of Serverless Application Security Report have six or more teams working on serverless development, they are also building up a worrying "Serverless security debt".

Over 71 per cent of respondents admitted their average serverless applications have more than 10 vulnerabilities.

The problem is traditional application security tools are designed for traditional web applications.

Which is why Contrast Security has launched its Contrast Serverless Application Security product, targeting the specific security concerns presented by serverless.

Initially aimed at AWS Lambda-based serverless applications, the suite includes dynamic environment scanning, based on the OWASP Top Ten benchmarks, as well as resource mapping to uncover the relationships between all the resources in the environment.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/12/14/you_may_have_cracked_serverless/