In this chapter, we will learn how to perform a risk assessment for a serverless application. We will explore ways to understand how the application works: reviewing documentation, source code, and system accounts, and using the application. We will discuss why we scope the risk assessment. We will learn how to develop a threat model and how to use it to start creating the risk assessment.
Conventions
We will review the conventions used throughout this book. For clarity, we will use one example application throughout. We might deviate from this example application at ...