In which layer security should be develop and implement

Hi Everyone,
Just join this forum and it be great to get a feedback regard where to develop security in Serverless environment.
My dev team is looking to sniff/analyze all request/respond/payload goes to the application/services on AWS. what are the options to achieve this goal?