Nuweba Aims to Bring Speed, Security and Visibility to Serverless
In 2017, we wrote that serverless adoption was on par with containers. A year later, headlines continued to echo this sentiment, stating that serverless was being adopted at a faster rate than expected, and now, in the first months of 2019, predictions for the year ahead foretell of serverless’ continued momentum.
“We believe that serverless can and should be the optimal architecture for almost any use case, including user-facing, mission-critical or time-sensitive apps,” said Neeman in a company statement. “Current serverless platforms aren’t fast enough, don’t secure the application layer and offer little visibility. This leads to poor performance and leaves your most valuable assets vulnerable. We knew we could do better. That is why we built Nuweba.”
The company says that it has “redesigned serverless from the kernel up with solutions to all three problems baked in,” although Neeman admits that while visibility is central to serverless success, he thinks the primary hindrances are speed and security.
“I feel that performance (speed and scale) are the biggest problems of serverless. Not visibility. Visibility is always very important, but the performance issue inhibits serverless from being a mainstream technology and the go-to architecture for core functionalities,” wrote Neeman in an email. “Today, mission-critical and user-facing apps are considered as ‘less suitable’ for serverless due to poor performance (invocation latency) and lack of application-layer security (runtime protection). Imagine a ridesharing company which needs to process requests in near real-time and send results to passengers and drivers. Invocation latency in current serverless platform won’t allow them to offer a reasonable UX. With Nuweba this use case can (and will be) built serverless.”
With Nuweba’s beta release, the FaaS platform will offer a one-click migration from AWS Lambda, Azure Functions, IBM Cloud Functions, and Google Cloud Functions, and claims to offer a tenfold speed increase with 8-40ms invocation latency without container reuse. Currently, Nuweba also offers runtime support for Node.js, Go, Python, .NET, Ruby and Java.
Nuweba also offers auto-configured monitoring and self-generate security policies, with security being the native field and focus of the founding team, after having “served in the elite technology unit of the Israel Defence Forces where they led cybersecurity operations.” In his email, Neeman outlined the six different layers of security integrated into the Nuweba platform, which include not reusing containers, preventing remote code execution at the kernel level, inspecting network traffic, keeping secrets, tokens, and identity access management (IAM) roles in a “credentials vault” outside of the function containers, and protection against XSS, SQLI, SSRF and other attacks with a “function vulnerability firewall.” The sixth layer, Neeman said, is still in production and will offer anomaly detection with a “real-time analysis of the entire application flow.”
Nuweba also announced that its emergence from stealth comes alongside a seed funding round of $4.8 million led by Magma Partners and Target Global among other investors, with Modi Rosen, a managing partner at Magma Partners, calling Nuweba “a solution that takes control of your serverless apps, while still enjoying the benefits of abstraction” and “an unparalleled platform.”