diff --git a/docs/docs/serverless-functions.md b/docs/docs/serverless-functions.md
index a5753b376d81..2808502e16a4 100644
--- a/docs/docs/serverless-functions.md
+++ b/docs/docs/serverless-functions.md
@@ -846,7 +846,7 @@ Content-Type: application/json
 
 ### Other security considerations
 
-In addition to securing your serverless functions, you may consider logging, rate limiting and whitelisting as ways to protect your functions from abuse or misuse.
+In addition to securing your serverless functions, you may consider logging, rate limiting and whitelisting as ways to protect your functions from abuse or misuse. Some of these benefits can be achieved with middleware like [middy](https://middy.js.org/), since our functions should be compatible with the lambda functions ecosystem.
 
 #### Visibility via Logging
 
@@ -916,3 +916,7 @@ export const handler = async (event: APIGatewayEvent, context: Context) => {
   }
 }
 ```
+
+## How-To
+
+We have prepared a simple [How-To](how-to/custom-function/) for you on how to setup a custom function to retrieve the server time, including consideration of CORS.