PaaS makes developers (and possibly operations) lives much easier. But what are the security implications of migrating to PaaS? Does PaaS lead to more secure code? What about a more secure deployment? In principal yes, but what are the realities? How many unicorns do you get, what’s in that pot at the end of the rainbow and what can you do with what you find?