Just as with other instant computing infrastructures in the past, Function-as-a-Service (FaaS) now enables DevOps teams to deploy applications more efficiently at a fraction of the cost. With AWS Lambda, Amazon Web Services’ (AWS) serverless infrastructure approach, enterprises can get to market even faster without worrying about compute costs or capabilities. As a result, security is paramount to this new approach, and enterprises must use comprehensive tools to fully protect enterprise resources in serverless environments. For the remainder of 2021, Imperva is offering Serverless Protection free of charge to help enterprises streamline app development operations on AWS Lambda without compromising security.
In today’s market, enterprises are developing apps quickly to keep pace with the competitive landscape. This makes AWS Lambda a great platform for accelerating production. However, enterprises often overlook their shared responsibilities, which include security, compliance and monitoring. In environments without servers, traditional perimeter and endpoint security tools cannot adequately protect data, while scanning tools cannot be deployed quickly enough to identify and remediate risks. In some cases, organizations delay the launch to manually monitor vulnerabilities in code, costing the business variable revenue by delaying time to market. To help security keep pace, Imperva Serverless Protection can be embedded in the AWS Lambda layer of applications to provide comprehensive visibility and control over all serverless functions. Once deployed, serverless functionality is protected without the need for signature updates.
Imperva Serverless Protection benefits include:
- Comprehensive visibility: gain visibility into your serverless function activity, including network activity, file access, database activity, weak authentication, and executed commands that lead to attacks such as remote command injection or SQL injection.
- Automated mitigation: With easy-to-use protections that require no code or configuration changes, DevOps and DevSecOps teams can automatically mitigate vulnerabilities.
- Security with development speed: Prioritize value-added business logic over technical security debt for serverless features, resulting in faster time to market without compromising security.
- Protection against serverless OWASP attacks: Imperva Serverless Protection is designed specifically for serverless computing, providing protection against new serverless function attack methods such as event injection, as well as protection against code-level risks, injections, and vulnerabilities.
- Zero-day threat mitigation: Imperva enables a positive security model that provides protection against zero-day exploits without requiring signature updates or machine learning. Imperva Serverless Protection is fully integrated with AWS Lambda and can be quickly deployed to protect your environment without servers.
Please contact your Exclusive Networks Account Manager to learn more about Serverless Protection, a component of the Imperva Sonar platform.