JAMstack Increases Your Security

Image of Quora Compromise

Everyone concerned with security should adopt a read-only, JAMstack-first approach to systems architecture.

It seems every month we read of another web service that has been hacked. That is not really surprising to anyone following web technology. NPM has been plagued with trust issues, having no method for developers to validate that the packages hosted there are even the ones created by the package creators. Creating applications on the web is risky business, since they can become primary attack vectors for the increasingly elite hackers attacking everything these days. Thankfully, the JAMstack and serverless movements thwart many of these attacks.

No Database to Attack

By its nature, JAMstack has no database. Applications that use JAMstack are just files. When user input must be captured, alternatives are employed through third parties specializing in functionality as a service. Caution is still required when using such services, but often they are not needed at all.

💢 WordPress and Ruby on Rails are fundamentally flawed, having been built entirely on a core database dependency.

No Server to Attack

Although there is really no such thing as serverless, there are no servers under your management with JAMstack. Even if you do run your own, those servers are far easier to secure since they need only serve static web pages.
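
An added example, not from the original article, of what "need only serve static web pages" means for a self-run origin: the handler accepts only GET and HEAD and confines every request to one directory, so there is no request body, session or query to process. `resolveStatic`, `makeHandler`, the MIME table and the `./public` root are assumptions made for illustration.

```javascript
// Added example, not from the original article; all names are hypothetical.
// A read-only origin's entire request surface: method allowlist + path confinement.
const fs = require("fs");
const path = require("path");

const ALLOWED_METHODS = new Set(["GET", "HEAD"]);
const TYPES = { ".html": "text/html; charset=utf-8", ".css": "text/css",
  ".js": "text/javascript", ".json": "application/json", ".svg": "image/svg+xml" };

// Pure decision step: returns { status } or { status: 200, file } without touching disk.
function resolveStatic(root, method, rawUrl) {
  if (!ALLOWED_METHODS.has(method)) return { status: 405 };
  let pathname;
  try {
    pathname = decodeURIComponent(rawUrl.split("?")[0]); // decode exactly once
  } catch {
    return { status: 400 }; // malformed percent-encoding
  }
  if (!pathname.startsWith("/") || /[\0\\]/.test(pathname)) return { status: 400 };
  const segments = pathname.split("/").filter(Boolean);
  // Refuse "..", "." and dotfiles (.git, .env) rather than trying to clean them.
  if (segments.some((s) => s.startsWith("."))) return { status: 403 };
  if (pathname.endsWith("/")) segments.push("index.html");
  const base = path.resolve(root);
  const file = path.resolve(base, ...segments);
  // Defense in depth: the resolved path must still sit under the root.
  if (!file.startsWith(base + path.sep)) return { status: 403 };
  return { status: 200, file };
}

// Handler for http.createServer: no body parsing, no sessions, no database calls.
function makeHandler(root) {
  return (req, res) => {
    const { status, file } = resolveStatic(root, req.method, req.url);
    if (status !== 200) {
      res.writeHead(status, status === 405 ? { Allow: "GET, HEAD" } : {});
      return res.end();
    }
    fs.stat(file, (err, st) => {
      if (err || !st.isFile()) { res.writeHead(404); return res.end(); }
      const type = TYPES[path.extname(file)] || "application/octet-stream";
      res.writeHead(200, { "Content-Type": type, "Content-Length": st.size,
        "X-Content-Type-Options": "nosniff" });
      if (req.method === "HEAD") return res.end();
      fs.createReadStream(file).pipe(res);
    });
  };
}
// Usage: require("http").createServer(makeHandler("./public")).listen(8080);
```

`fs.stat` follows symbolic links, so the published directory should not contain links that point outside it.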

Completely Externally Hosted

JAMstacks are usually externally hosted so that they can take advantage of the amazing efficiencies of a content delivery network. Even if one of these edge nodes were compromised, it would be literally miles from any sensitive system within your organization.