Abstract: Methods and systems for assessment and management of security in serverless environments are provided. One method includes executing an at least partially automated environment discovery process in which an overall security footprint of the enterprise is determined, and automatically identifying, via an enterprise security assessment tool, one or more security applications and associated settings capable of meeting the set of security requirements of the enterprise based on the sets of attributes associated with a plurality of serverless services.