What are the primary security risks associated with serverless functions, and how do you mitigate them?