[nimbius]

as a system administrator, I find the summary as laughable as the FAAS movement itself.

"FaaS takes on the responsibility for “patching” the underlying servers, freeing you from OS patching"

So a sysadm-er, devops admin will be rolling these out and back with CI on a regular basis to dev,test and prod.

"Denial of Service (DoS) attacks are naturally thwarted by the (presumed) infinite capacity Serverless offers."

Unless youre invoicing department is cutting cheques to cloudflare, you'd be surprised just how limited the service is. Capacity might be amorphously defined as infinite on paper, but network capacity is quite real.

"Since the OS is unreachable, attackers will shift their attention to the areas that remain exposed – and first amongst those would be the application itself."

the OS is reachable, what you mean to say is that its not your problem.

[guypod]

- A sys admin will not be rolling out OS patches. The platform does itself. - Attackers typically use DoS to make a system unavailable, not just make it expensive to operate. I do note the cost concern, but if attackers are unsuccessful taking a system down, they are less likely to attack it. - I indeed meant "attacking through the OS is unreachable", referring to the portion explaining the OS patches are better managed. It's indeed not perfectly accurate phrasing, but allow a guy some literal freedom in the summary - the details came before.

[kayfox]

Some attackers are perfectly fine with costing a company a ton of money without taking their service down.