Performing Serverless Function Security Review When to Use - When auditing serverless applications before production deployment - When investigating potential data exposure through function environment variables or logs - When assessing the blast radius of a compromised serverless function execution role - When compliance reviews require documentation of serverless security controls - When building secure-by-default templates for serverless deployments Do not use for container or VM security assessments (use container scanning tools), for API security testing (use DAST tools on the API Gatewa…