5 comments

[ 2.9 ms ] story [ 15.6 ms ] thread
A simple botnet can cost a serverless based architecture a $40k bill.

Thoughts on guarding against this type of threat? A WAF can detect some of this but the rotating IPs would make that less effective.

Regular DoS protection should handle all large volumes of traffic, regardless of whether they attack a serverless endpoint or a regular server.

If a too-small-to-trigger-DoS-protection volume of traffic can cause you excessive costs, rethink your usage of extremely overpriced serverless platforms :)