An AWS and Azure serverless summary
Fast foward. Public Domain. https://flic.kr/p/Ep8d5G

An AWS and Azure serverless summary

Christophe Parisel Christophe Parisel

Christophe Parisel

Senior Cloud security architect at Société Générale

发布日期: 2018年11月29日
+ 关注
In the race for "serverlessness", there is not one leader and one challenger: there are two leaders.

Now that most Azure (ignite, ...) and Amazon (reinvent, ...) announcements have passed and that this year is closing in, it’s time to take a wider perspective and to look at the impressive IT security achievements that both providers have been able to accomplish. In the Public Cloud coming of age this summer, I was super excited to claim out and loud that IT had reached a major turn with the advent of serverless and I summarized the keys reasons for that. In demystifying security part 1, I started to dive deeper and to focus on tenants isolation; I tried to show that providers had settled down to an industrial standard that would unleash serverless capabilities rapidly.

Now that Firecracker has been officially announced, I am able to disclose a clearer picture of how micro-VMs, the new gold standard for tenants isolation, is shaping up and how it compares with the situation in, say, 2016 to highlight the huge progress:

Keep in mind a few things about these tables:

  • It is not a technologically and chronologically accurate design! (eg: Xen is still used a lot in AWS) It only brings about features observed from a customer’s perspective
  • It is also not a technical architecture stack... Consider it a functional stack of components somehow arbitrarily (but fairly, I hope!) chosen to serve the purpose of this article
  • Tenants isolation is far from being the only criteria to define an industrial standard, but it is quite telling
  • If there are mistakes or missing points, please let me know in the comments I'll be more than happy to amend


Conclusion

? There is clearly not one leader and one challenger, but two leaders;

? Micro-VM as a mature technology is a huge enabler for serverless adoption at low costs, but True serverless is not fully ready for production in my personal opinion (see references above);

Finally and maybe most importantly, I let you admire the nearly perfect time synchronicity in the maturity of both providers. Architecture is an art, after all :)











要查看或添加评论,请登录

Christophe Parisel的更多文章

  • Adversarial lateral motion in Azure PaaS: are we prepared?
    2025年3月10日

    Adversarial lateral motion in Azure PaaS: are we prepared?

    Lateral motion techniques are evolving in PaaS, and we should be worried. Let's discuss a risk confinement approach.

    19 条评论
  • How will Microsoft Majorana quantum chip ??compute??, exactly?
    2025年2月27日

    How will Microsoft Majorana quantum chip ??compute??, exactly?

    During the 2020 COVID lockdown, I investigated braid theory in the hope it would help me on some research I was…

    16 条评论
  • Zero-shot attack against multimodal AI (Part 2)
    2025年2月3日

    Zero-shot attack against multimodal AI (Part 2)

    In part 1, I showcased how AI applications could be affected by a new kind of AI-driven attack: Mystic Square. In the…

    6 条评论
  • Zero-shot attack against multimodal AI (Part 1)
    2025年1月20日

    Zero-shot attack against multimodal AI (Part 1)

    The arrow is on fire, ready to strike its target from two miles away..

    11 条评论
  • 2015-2025: a decade of preventive Cloud security!
    2025年1月6日

    2015-2025: a decade of preventive Cloud security!

    Since its birth in 2015, preventive Cloud security has proven a formidable achievement. By raising the security bar of…

    11 条评论
  • Exploiting Azure AI DocIntel for ID spoofing
    2024年12月16日

    Exploiting Azure AI DocIntel for ID spoofing

    Sensitive transactions execution often requires to show proofs of ID and proofs of ownership: this requirements is…

    10 条评论
  • How I trained an AI model for nefarious purposes!
    2024年12月9日

    How I trained an AI model for nefarious purposes!

    The previous episode prepared ground for today’s task: we walked through the foundations of AI curiosity. As we've…

    19 条评论
  • AI curiosity
    2024年11月26日

    AI curiosity

    The incuriosity of genAI is an understatement. When chatGPT became popular in early 2023, it was even more striking…

    3 条评论
  • The nested cloud
    2024年11月13日

    The nested cloud

    Now is the perfect time to approach Cloud security through the interplay between data planes and control planes—a…

    8 条评论
  • Overcoming the security challenge of Text-To-Action
    2024年10月15日

    Overcoming the security challenge of Text-To-Action

    LLM's Text-To-Action (T2A) is one of the most anticipated features of 2025: it is expected to unleash a new cycle of…

    19 条评论

社区洞察

其他会员也浏览了