Many fundamental security practices and controls apply to serverless applications, including implementing proper monitoring and logging of all requests and events. This session will cover recommendations published by the Center for Internet Security (CIS), how to automate the deployment of some of these controls, as well as outlining additional considerations relevant to serverless functions.