Serverless Architecture: A New Threat to API Security?

While serverless architectures do present new security challenges, they don't inherently make APIs more vulnerable to attacks. Proper security measures and best practices can help mitigate these risks and ensure the security of APIs in a serverless environment.
Just need to keep those APIs on a tight leash!
 
That's brief!!!
Well, there's not much to say. It was a question that promoted the concept of "post hoc ergo propter hoc".

Serverless architecture doesn't make APIs less or more vulnerable. APIs are going to be secure or not based on how well they are built - how well they follow the latest techniques of secure programming and whether the orgs that use them don't succumb to the laziness that surrounds having to update security on a routine basis.

There's nothing that says a serverless service changes how secure an API is. It's too general a question.
 
I appreciate your reply. I value the clarification provided regarding the connection, or lack thereof, between API security and serverless architecture.

You're correct; in the end, API security depends on the caliber of development procedures and regular upgrades. Although I acknowledge that the topic may have been overly broad, I was interested in whether serverless systems present particular difficulties or factors that developers should take into account when protecting APIs.

Do features like event-driven design or dependency on managed services, for instance, open up new avenues for attacks, or is it all about implementing security in any setting?
 
I felt the same
Great souls feel the same!!!
Sorry, but I'm starting to feel like the boards are being cluttered up with a lot of "brief" cluttery posts. While I'm not opposed to more activity - I believe CIN needs it, I'm finding that responding with 2-5 word replies on EVERY post, to me, is making it hard to engage in meaningful conversations about real topics.

/r
 
I got lost from the beginning - "post hoc ergo propter hoc"