In serverless computing, organizations rely heavily on CSPs to manage the infrastructure, runtime, and scaling. A key risk is thelevel of control and influence governments have over CSPs, potentially affecting availability, access, or confidentiality of hosted services due to legal orders or government actions. Concerns about virtualization technologies, scalability, or third-party monitoring are valid but less critical compared to the overarching legal and control risks tied to CSP reliance.
[Reference:CompTIA SecurityX CAS-005, Domain 4.0: Understand the legal and regulatory impacts and risks of adopting third-party serverless solutions., , , , ]
Submit