Security in serverless is solved in the same way as all other problems in serverless: by using a managed service that someone else has built and solved all of the problems with. This doesn't solve issues that are created by the developer, though, such as SQL injection exposure and a large attack surface, but it does solve a lot of issues. In this chapter, you've learned how to protect your serverless functions with an API management instance and how to use Azure Active Directory B2C to both protect your customers' data and speed up your development.
Now that you have created a simple security layer using managed cloud services, the next chapter will focus on fulfilling another basic requirement of all applications with managed services—observability. You will also learn about the unique challenges Serverless presents and why good observability practices are vital.