Adnan - the serverless security working group is researching this right now if you care to add your thoughts. You're asking the right question - it's not just what risks have gone away, but what new ones are we now faced with trying to mitigate?
As to when a paper will be out - I'm not the lead so will stay mum there. :)
------------------------------
John Kinsella
------------------------------
Original Message:
Sent: May 08, 2020 09:41:54 AM
From: Adnan Rafique
Subject: CCM for Serverless and Kubernetes
How are you guys working or dealing with security controls when it comes to serverless and Kubernetes. I think CCM will help me but the question is around there is no physical server involved in serverless which can be easily eliminated however at the same time what else can be eliminated or added specific to serverless. Hs anyone worked on something similar?
Thanks
------------------------------
Adnan Rafique Cloud Security Leader
------------------------------