AWS has taken over the responsibilities of patching the OS and securing the underlying physical infrastructure that runs your serverless application, so what's left for you to secure? Quite a bit it turns out.
153. no server*
no OS attacks
no long lived compromised servers
* I know I know, there’s still a server somewhere, but it’s managed and secured by AWS engineers who can do a much better
job of it than most of us can; and the servers are ephemeral and short-lived