Serverless adoption has been increasing drastically over the past 18 months- outpacing other cloud infrastructure environments. Given this, Protego Labs has surveyed top security, development, and DevOps professionals from over 30 organizations to get their perspective on serverless adoption and the role security has played in this growth in The State of Serverless and Security Survey.
As seen in other research, AWS Lambda continues to lead the way for serverless deployments making up 84% of all serverless deployments. 35% of organizations surveyed said that their company spends more than 25% of their total IT budget on cloud technologies, and 82% agreed that their organization would benefit from further investment in the cloud across other areas of their organization. Market Research reports that the CAGR for serverless is 26% over the next five years, which supports the finding that 48% of those surveyed feel that serverless is the future of the cloud.
But where does this leave security, and are organizations ready to fully embrace serverless? In order to fully embrace serverless, 66% said that securing their serverless deployments are their top priority. And there is no wonder, with hundreds of functions to manage, having confidence in the security of each function is a daunting task. 53% of those surveys state that they don’t have proper visibility into their serverless functions. This contributes to 68% of organizations not having confidence in the security of their serverless deployments.
So what does this mean? Serverless provides a great opportunity for organizations to expedite application development and save infrastructure expenses, but organizations must be prepared to view their application security risks in a new light. Managing serverless functions and analyzing code manually is not realistic – it is too easy for organizations to lose visibility and control. Luckily there are tools that allow organizations to streamline this process for greater visibility, security, and ultimately – regain control so they can fully embrace the opportunities of serverless.
For more information on these tools, check out this short video to show how easy it is to build your compliance rules and restrictions into your serverless applications.