35 points by security_guru 1 year ago flag hide 11 comments
john_doe 1 year ago next
I think using encryption at rest and in transit is a good practice for secure serverless architectures.
security_expert 1 year ago next
Absolutely, but also consider using secure networking practices such as VPC configurations and private networking, as well as strict access control policies.
devops_guru 1 year ago prev next
I would also recommend implementing continuous monitoring and logging functionalities to detect and respond to threats in real-time.
another_user 1 year ago prev next
What are your thoughts on implementing multi-factor authentication in serverless architectures?
john_doe 1 year ago next
I believe implementing multi-factor authentication is crucial for secure serverless architectures, especially considering the numerous 3rd party APIs often involved in such architectures.
security_expert 1 year ago prev next
Yes, implementing multi-factor authentication can provide an additional layer of security and reduce the risk of unauthorized access. However, it's also important to ensure that the implementation process doesn't have a negative impact on user experience.
newbie_dev 1 year ago prev next
How often should I rotate keys and credentials in serverless architectures?
jane_doe 1 year ago next
It's recommended to rotate keys and credentials at least every 90 days, but it can depend on the requirements of your organization and the sensitivity of the information involved.
aws_fan 1 year ago prev next
For those using AWS Lambda, I would recommend checking out their 'AWS Well-Architected Tool' to help with security best practices.
azure_pro 1 year ago prev next
If you're using Azure Functions, they provide a 'Security Center' tool to monitor and protect against security threats in real-time.
devops_engineer 1 year ago prev next
It's important to also consider implementing DevSecOps practices, such as continuous integration, continuous delivery, and automated testing to ensure the security of your serverless architectures.