SOAR technologies strive to automate some of the repetitive human effort required to maintain a strong security posture. Here's how SOAR tools fit into an enterprise security strategy.
How to explain serverless in plain English
Serverless confuses people: We are talking about less management of servers, not fewer servers. Here's how to explain this trend – and what it means to development – to anyone
The challenge of explaining serverless to people isn’t technical but literal: The term is a misnomer.
“Serverless is a rather bad name for a cohort of technologies that enable executing application code without managing or caring about the underlying infrastructure, and doing so on demand and in a highly automated way,” says Amir Jerbi, CTO at Aqua Security.
All of that sounds pretty good in a modern IT context – except for the whole “bad name” thing. Jerbi’s not alone in his view: If there’s a widespread gripe with serverless, it’s the word itself.
"I’ve actually always been bothered by the term ‘serverless,’ as clearly servers are still required to power serverless applications,” says Jonathan LaCour, CTO at Mission. “The key differentiator is that serverless systems remove the burden of server management.”
[ Struggling to explain containers to non-techies? Read also: How to explain containers in plain English. ]
Another common gripe is the use of serverless and Functions-as-a-Service synonymously. Serverless "describes a set of architectural patterns that build on FaaS," explains Red Hat technology evangelist Gordon Haff in his article, “What is serverless?” – recommended reading.
It’s not that there are no servers. Rather, it’s that the people responsible for building an application no longer have to think about the servers or just about anything else the application needs to run on those servers, such as storage, patching, or load balancing.
Put that way, you can begin to see why serverless – misnomer notwithstanding – is becoming an everyday part of the IT lexicon. As interest continues to grow, you’ll need to be able to explain serverless clearly to people, including non-technical folks. You’ll most likely need to start by clarifying that servers haven’t actually vanished.
Let’s start with some solid, concise definitions of serverless. Then we’ll share some advice for explaining serverless to wide audiences in a manner that everyone can understand. And, yes, there will be cake – we swear.
What is serverless?
Jerbi and LaCour got us off to a good start; we also asked other experts to chime in with their definitions of serverless in plain terms to help build up a good list to use in your own explanations.
Alex Ough, CTO architect at Sungard Availability Services: “Serverless is an architecture that allows you to run applications without having to manage the servers or infrastructure. In a serverless architecture, third-party cloud providers set up the necessary environments you need and handle any infrastructure management tasks, such as patching and system maintenance, so you don’t need to worry about them.”
Jeff Shurts, EVP of delivery at SPR: “Serverless means that a developer or company deploying software to the cloud doesn’t need to – and in fact can’t – specify what server or servers to deploy to. Cloud providers have created what software people call an abstraction layer, which is software that takes certain requirements [such as] performance, hours of uptime per day, etc., and then figures out how many instances of your software need to be running in order to meet those requirements.”
Danny Waite, chief technology officer, Furnace Ignite: “Put simply, serverless is an evolution of managed cloud-based infrastructure services with three distinct characteristics: You don’t need to manage servers; the service will scale up automatically as you need; and when you’re not using the service, you pay nothing.”
Jerry Gamblin, principal security engineer at Kenna Security: “‘Serverless’ is just a fancy marketing term for ‘a computing service that takes your code as an input, safely executes that code and returns the output, while billing you only for the resources used during the execution of that code.’ I guess the marketing term is [more concise].”
Mark Runyon, senior consultant at Improving: “Serverless allows you to build and run applications up in the cloud without concern for what is going on with the server. The application developer can build their app without worrying about applying patches to the server, ensuring it has adequate resources for the processing and storage needs of the application or dealing with the headaches of clusters or load balancing.”
Jonathan LaCour, CTO at Mission: “When we talk about serverless, we are talking about less management of servers, not less servers. Ironically, there’s probably a lot more servers; you just don’t have to care about them anymore.”
[ Related read: 7 open source platforms to help you get started with serverless computing. ]
How to explain the benefits of serverless to non-techies:
These definitions speak to the core benefits of serverless when paired with the right use cases. (To be sure, serverless isn’t a fit across the board; it comes with its own considerations and risks, including ceding some control.) Ory Segal, CTO at PureSec, captures three of the biggest upsides of serverless here:
- No server and infrastructure management: Again, it’s not that there aren’t any servers, it’s just that they’re someone else’s job.
- Granular resource optimization: “You only pay for the actual time your code runs,” Segal says, noting that sub-second metering makes the pay-for-what-you-use promise more attainable.
- Automated and continuous scaling: “Applications automatically handle concurrent execution,” Segal notes.
If the benefits alone don’t do the trick, sometimes a metaphor or analogy can help make the lightbulb go off for folks who don’t intuitively understand software architecture and development. Also, we promised cake. Let's dig in: