US Patent 11036534 Techniques for serverless runtime application self-protection

A system and method for serverless runtime application self-protection. The method includes embedding a serverless defender function into a function serverless bundle containing an application deployment bundle of a serverless application, wherein the embedding further comprises modifying the function serverless bundle to include a serverless defender shared library and a security policy, wherein the serverless defender shared library is configured to install at least one hook into at least one system call of the serverless application when the serverless application is executed, wherein each hook only allows running of system calls and library functions that satisfy the security policy during execution of the serverless application, wherein the serverless defender function is loaded at a system when the serverless application is initiated by the system, wherein the serverless defender function is configured to perform at least one mitigation action when the security policy is violated during execution of the serverless application.