Full Runtime Visibility and Control Across the Serverless Mesh
In a serverless paradigm, cloud functions are invoked asynchronously and in response to cloud events. The underlying serverless platform invokes on demand, scales as need, and runs to complete the task until called again for another task. The Serverless computing solutions that exist today are AWS Lambda, Azure Functions, Google Cloud Functions, IBM Cloud Functions.
By freeing up developers from managing the underlying cloud infrastructure, the serverless architecture enhances agile, continuous development and deployment. However, the volatile serverless environment makes it very challenging to set and enforce effective security perimeters and controls. Alcide’s Embedded Policies let DevSecOps teams define smart, function-level segmentation by applying IAM policies that provide optimal control over the resources that a serverless function can access and the resource operations it can apply. Alcide serverless security continuously monitors functions at a granular level as they are invoked, tracking the flow of traffic across the entire serverless mesh in order to define and control the function blast radius and alert stakeholders to potential breaches of the defined perimeters and controls.