Securing Serverless Functions When to Use - When deploying Lambda functions or Azure Functions with access to sensitive data or cloud APIs - When auditing existing serverless workloads for overly permissive IAM roles - When integrating serverless functions into a DevSecOps pipeline with automated security scanning - When hardcoded secrets or vulnerable dependencies are discovered in function code - When establishing runtime monitoring for serverless workloads to detect injection or credential theft Do not use for container-based compute security (see securing-kubernetes-on-cloud), for API Gat…