Cloud Security
Serverless Security
Also known as: FaaS security, Lambda security
Definition
The practice of securing event-driven, function-based workloads such as AWS Lambda, Azure Functions, and Google Cloud Functions, where the underlying servers are managed by the provider.
Examples
- An AWS Lambda with an IAM role allowing s3:* to all buckets after a small CloudFormation typo.
- Datadog or Snyk scanning Lambda dependencies and flagging vulnerable npm packages.
Related terms
Function as a Service (FaaS)
Function as a Service (FaaS) — definition coming soon.
Cloud Security
The set of policies, controls, and technologies that protect data, applications, and infrastructure hosted in public, private, or hybrid cloud environments.
CWPP (Cloud Workload Protection Platform)
A platform that protects cloud workloads — virtual machines, containers, and serverless functions — across their entire lifecycle, from build to runtime.
CNAPP (Cloud-Native Application Protection)
An integrated security platform that combines CSPM, CWPP, CIEM, IaC scanning, and runtime detection to protect cloud-native applications from build to runtime.
Principle of Least Privilege
A security principle that grants every user, process, or service only the minimum privileges strictly required to perform its function — no more.
API Security
API Security — definition coming soon.