When moving to serverless, software teams no longer need to continually apply security patches or configure firewalls, since the serverless provider is responsible for these tasks. However, securing application logic and data is still the responsibility of serverless practitioners, and it is made more difficult by the larger attack surface and more complex architecture. For example, a serverless function may be able to access things it shouldn’t because of a vulnerability in a third-party library or a misconfiguration.
Thundra provides a way of applying allowlist/blocklist security configurations to serverless functions and any other applications. Using Thundra’s allowlist configuration, you can ensure that your function is performing just as it was intended to. You can automatically allowlist the operations that your function is currently performing, and you can also add further resources to the allowlist.
After you set up your allowlist, you decide on the action to take for violations. You can either allow violations and receive notifications about them, or you can block any operations on resources that are not allowlisted and receive notifications about them.
Thundra also allows you to blocklist the resources and/or endpoints to which you want to restrict access. This guarantees that your function will not interact with malicious sites and resources.
You may think that you know what your function does and that you don't need to implement security configurations. But remember that third-party libraries you use can take you to malicious endpoints, and allowlisting or blocklisting resources can save you from potential problems down the line.
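The allowlist and blocklist behaviour described above can be sketched as a small outbound-call policy. This is an added example, not Thundra's code or configuration format; `EgressPolicy`, `host_of`, `demo` and every hostname in it are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from urllib.parse import urlsplit


def host_of(url):
    # Compare parsed hostnames, not substrings: "https://a.test@b.test/" goes to b.test.
    return (urlsplit(url).hostname or "").rstrip(".").lower()


@dataclass
class EgressPolicy:
    block_violations: bool = False  # False: allow and notify; True: block and notify
    allowlist: set = field(default_factory=set)
    blocklist: set = field(default_factory=set)
    notifications: list = field(default_factory=list)

    def learn(self, observed_urls):
        """Allowlist the endpoints the function is observed calling today."""
        self.allowlist |= {host_of(u) for u in observed_urls}

    def check(self, url):
        """Return True if the outbound call may proceed."""
        host = host_of(url)
        if not host or host in self.blocklist:
            # Blocklist wins over the allowlist; unparseable targets are refused.
            self.notifications.append(("blocked", host))
            return False
        if host in self.allowlist:
            return True
        self.notifications.append(("not-allowlisted", host))
        return not self.block_violations


def demo(block_violations):
    # Constructed sample traffic; every hostname below is made up.
    policy = EgressPolicy(block_violations=block_violations)
    policy.learn(["https://API.payments.test./v1/charge", "https://db.internal.test:8443/q"])
    policy.allowlist.add("metrics.internal.test")   # resource added by hand
    policy.blocklist.add("db.internal.test")        # later explicitly restricted
    calls = [
        "https://api.payments.test/v1/refund",              # learned endpoint
        "https://metrics.internal.test/push",               # manually allowlisted
        "https://db.internal.test:8443/q",                  # on both lists
        "https://api.payments.test@collector.test/upload",  # look-alike URL from a dependency
    ]
    return [policy.check(u) for u in calls], policy.notifications
```

Calling `demo(False)` shows the notify-only mode, where the unlisted call proceeds but is reported; `demo(True)` shows the same traffic with violations blocked.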
For more information about how to allowlist/blocklist resources, take a look at our Thundra Web Console documentation.