Threat actors may abuse serverless computing, integration, and automation services to execute arbitrary code in cloud environments. Many cloud providers offer a variety of serverless resources, including compute engines, application integration services, and web servers.
This type of attack technique cannot be easily mitigated with preventive controls since it is based on the abuse of system features.