I'd say decoupling, throttling, and batching are the bigger ones. Security you can handle in an endpoint by requiring a token in a header that only your triggering server knows about. Which prevents third party triggers.
The real advantages are that with a pub/sub architecture the consumer is decoupled in time from the publisher. Meaning that if the consumer goes down, it can replay any events that occurred during its downtime. So where a http request requires that the consumer and the publisher both be up at the same time, pub/sub has no such requirement. It also allows the consumer to throttle and batch incoming data. http requests must be done when they are initialized, pub/sub allows the consumer to pick tasks up as it has capacity and to throttle down the number of requests it is working on to a manageable level. Batching also allows the consumer to handle more than one event at a time.
Basically pub/sub provides greater resilience at the (potential) cost of immediacy. In CAP theorem terms it helps with the P (partition) by loosening the coupling between your services/tasks/whatevers.
We're a place where coders share, stay up-to-date and grow their careers.
We strive for transparency and don't collect excess data.