Better Programming


Why Threat Modelling Should Be Part of Your Serverless Development

Sheen Brisals
Published in Better Programming
7 min read · Mar 29, 2021


the word “serverless” superimposed on a graphic of grasping hands marked with symbols for different kinds of threats
Picture source: Author

This is the first of a two-part series on threat modelling in serverless.

In this first article, we discuss the threats related to a serverless application and build a case for incorporating threat modelling as part of the development process.

In the second part, I will explain the threat modelling process in simple steps that you can understand, adapt, and expand to fit your domain and development practices.

“Trust nobody!” “Secure everything!” “Defend in depth!” These phrases are echoed at every tech conference, more so at cloud and serverless ones.

Most organizations embark upon various measures to raise security awareness. There are some processes and procedures that convey the significance of security and, equally, raise consciousness about the consequences in case of an intrusion or a breach.

There are several books on security, and there are training courses, security tournaments, certifications, and many other resources and forms of encouragement for everyone. For engineers, security resources are often available at different levels, based on the engineer’s experience and role in architecting solutions.


Written by Sheen Brisals

Co-author of Serverless Development on AWS (O'Reilly) | Engineer. Architect. Leader. Writer. Speaker. AWS Serverless Hero. Author: leanpub.com/TheSpeakerBook