Monitoring – and Securing – Serverless Computing Architectures

Learn more about serverless architectures, and how to secure them with a new whitepaper.

Since the introduction of Amazon Web Services (AWS) Lambda, there are been a rise in popularity in the use of serverless architectures. As a brief overview, a serverless architecture is an environment where applications are processed and data is executed without servers, virtual machines, or other systems. Technically speaking, the code still runs on top an operating system (which does use a server or a virtual machine), but the service provider manages this part of the process.

For example, with AWS Lambda, developers can write code without worrying about how it will be used by servers. Instead, they can create code to address a specific goal, set the correct permissions, and determine when it should be executed. This helps reduce costs – the organization only has to pay for the computing time it actually uses – but leads to many other benefits, too. Developers and organizations can accelerate their time to market and product releases, reduce additional costs, such as development and operation costs, and increase scalability.

 Yet at the same time, security is still a concern, especially related to areas such as authentication, authorization, system integrity, and systems communications. Also, consider that each cloud service has different security controls, so you have to make sure their policies offer sufficient security for you. As a result, many practices and tools used in traditional architectures do not apply.

How to improve security in serverless architectures?

If you’re interested in implementing a serverless architecture, what can you do improve security?

First, if you’re using AWS Lambda, you can download our new whitepaper, “Monitoring Serverless Architectures in AWS.” This document discusses methods to audit and monitor AWS Lambda functions as well as how Observable Network’s endpoint modeling solution can put these methods into practice.

For example, this whitepaper provides specific detail and recommendations for how to improve auditing and monitoring of AWS Lambda functions.

  • Auditing: It is important to periodically audit your policies to make sure they are not outdated, or that they’re not unintentionally allowing access to more resources than necessary. The AWS Lambda IAM API can be used to show which users are allowed to change or invoke a Lambda function or configuration.
  • Monitoring: In addition to auditing, you should also monitor AWS Lambda functions to keep track of the architecture and activities on an ongoing basis.

Improving auditing processes helps make sure existing configurations meet policies and expectations.

To accomplish this, you can use AWS CloudTrail and AWS CloudWatch to improve the monitoring of various functions, function usage, and invocations. This helps you make sure access policies are being adhered to consistently and provides insight into any functions are being abused.

Together, these auditing and monitoring capabilities can address the majority of security concerns related to serverless computing architectures.

Yet this whitepaper also provides additional information on other serverless architecture security topics, such as how to determine whether a Lambda function is able to access various resources within a VPC. In this example, the Lambda’s function can be tracked using VPC Flow Logs for full visibility into the function’s communication to, from, and within a VPC.

We have previously described how Observable Cloud uses VPC Flow Logs to improve security in cloud environments, but in the example of serverless computing architectures, endpoint modeling uses VPC Flow Logs to address security questions related to AWS Lambda and provide visibility into other examples of unintended behavior. For example, a container escape (a breach of the environment that runs the Lambda function) could be detected with insight into the VPC resources.

As you continue to explore and use serverless architectures, make sure you have effective security measures to improve security efforts over traditional approaches. To learn more – and see how Observable Cloud can help you audit and monitor AWS Lambda functions – please download “Monitoring Serverless Architectures in AWS” today.

Experience Dynamic Endpoint Modeling on Your Own Network

Getting better visibility into your network and improving your security couldn’t be easier. Sign up for a free, no-risk trial of Observable’s Endpoint Modeling solution, and change the way you see security.

Detect Threats Faster – Start Your Free, No-Risk Trial