FaaS services such as AWS Lambda take care of many security aspects - networking, firewall, OS updates, etc. Make no mistake, though: application-level security is still fully in our hands! Do we have all the information needed to secure our serverless apps? Enter critical logging!

We surely put in place a lot of proactive measures to secure our applications. We want to prevent attacks, not remedy them, of course. Take a look at John Demian’s great introductory article about Securing serverless applications. In the present article, our goal is to address one of the topics he points out: “insufficient logging”.

How does logging help secure an app in the first place?

Logging helps secure an application (Photo by Kevin Ku on Unsplash)

Some types of information are critical to log so that they are available when the time comes to act on a security breach. Having critical logs will help us, for example, understand which security flaws attackers exploited and how to fix them, build a blacklist of IP addresses, or identify compromised customer accounts. Even though we can sometimes help ourselves without logs, they buy us precious time and provide valuable insights that may save our business a lot of money - and, most importantly, our hard-earned reputation!
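To make those uses concrete, here is an added example (not code from the article) of a Lambda handler behind API Gateway that emits one structured security record per request, plus a helper that reads such records back from CloudWatch-style log lines to surface source IPs that keep getting denied. The handler, the record field names and the sample event are assumptions; only the event shape follows the API Gateway REST proxy integration.

```python
import json
import logging
from collections import Counter

logger = logging.getLogger()
logger.setLevel(logging.INFO)  # Lambda's root logger defaults to WARNING, so INFO records would be lost

def security_record(event, outcome, reason=None):
    """Incident-relevant fields: who, from where, what was hit, and the outcome. No secrets, no bodies."""
    ctx = event.get("requestContext") or {}
    identity = ctx.get("identity") or {}
    return {
        "type": "security",
        "request_id": ctx.get("requestId"),
        "source_ip": identity.get("sourceIp"),
        "method": event.get("httpMethod"),
        "path": event.get("path"),
        "principal": (ctx.get("authorizer") or {}).get("principalId"),
        "outcome": outcome,
        "reason": reason,
    }

def handler(event, context):
    """Hypothetical handler: rejects requests without an Authorization header and logs one JSON line each."""
    if not (event.get("headers") or {}).get("Authorization"):
        logger.warning(json.dumps(security_record(event, "denied", "missing_auth")))
        return {"statusCode": 401, "body": "unauthorized"}
    logger.info(json.dumps(security_record(event, "allowed")))
    return {"statusCode": 200, "body": "ok"}

def denied_by_ip(log_lines, threshold=3):
    """Source IPs with at least `threshold` denied requests: candidates for a blocklist or WAF rule."""
    counts = Counter()
    for line in log_lines:
        start = line.find("{")  # the runtime prefixes "[LEVEL]\ttimestamp\trequest_id\t" to each record
        if start < 0:
            continue  # START/END/REPORT lines carry no JSON record
        try:
            rec = json.loads(line[start:])
        except ValueError:
            continue
        if rec.get("type") == "security" and rec.get("outcome") == "denied":
            counts[rec.get("source_ip")] += 1
    return {ip: n for ip, n in counts.items() if n >= threshold}

def sample_event(ip, path="/login", token=None):
    """Constructed API Gateway REST-proxy style event for local runs (not a real capture)."""
    return {"httpMethod": "POST", "path": path, "headers": {"Authorization": token} if token else {},
            "requestContext": {"requestId": "req-1", "identity": {"sourceIp": ip}}}
```

Querying the same fields in CloudWatch Logs Insights (filter on `type = "security"` and `outcome = "denied"`, then count by `source_ip`) gives the same result without pulling the lines locally.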

Remember: we are always at a disadvantage against an attacker. They planned everything ahead and have been studying our app for some time. We receive no warning and know nothing about who we’re fighting. Every bit of information helps us level the playing field.

Below are some examples of information we could classify as critical for logging in a serverless app. It’s not an exhaustive list but will give us a good head start.

Securing Serverless Applications with Critical Logging