Posted On: Nov 28, 2022

Amazon Inspector now supports AWS Lambda functions, adding continual, automated vulnerability assessments for serverless compute workloads. With this expanded capability, Amazon Inspector now automatically discovers all eligible Lambda functions and identifies software vulnerabilities in application package dependencies used in the Lambda function code. All functions are initially assessed upon deployment to the Lambda service and are then continually monitored and reassessed, informed by updates to the function and newly published vulnerabilities. When vulnerabilities are identified in the Lambda function or layer, actionable security findings are generated, aggregated in the Amazon Inspector console, and pushed to AWS Security Hub and Amazon EventBridge to automate workflows.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities and unintended network exposure across your entire AWS Organization. Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments. Amazon Inspector also provides a highly contextualized vulnerability risk score by correlating vulnerability information with environmental factors such as external network accessibility to help you prioritize the highest risks to address. 

Visit the AWS Regional Services list for all the regions where Amazon Inspector is currently available. All accounts can scan their environment for vulnerabilities with a free 15-day trial.

To learn more and get started with continual vulnerability scanning of your workloads, visit: