Posted On: Jun 13, 2023

Amazon Inspector now supports code scanning of Lambda functions, expanding the existing capability to scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this expanded capability, Amazon Inspector now also scans your custom proprietary application code within a Lambda function for code security vulnerabilities such as injection flaws, data leaks, weak cryptography, or missing encryption based on AWS security best practices. Upon detecting code vulnerabilities within the Lambda function or layer, Amazon Inspector generates actionable security findings that provide several details, such as the security detector name, impacted code snippets, and remediation suggestions to address the vulnerabilities. All findings are aggregated in the Amazon Inspector console, seamlessly routed to AWS Security Hub, and pushed to Amazon EventBridge to automate workflows.

Amazon Inspector code scanning of Lambda functions is available in 10 regions: US East (N. Virginia), US West (Oregon), US East (Ohio), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Frankfurt), Europe (Ireland), Europe (London), Europe (Stockholm), and Asia Pacific (Singapore). To learn more, visit the Scanning AWS Lambda functions with Amazon Inspector guide.

Amazon Inspector is a vulnerability management service that continually scans AWS workloads including EC2 instances, container images in ECR, and Lambda functions for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS Organization.

To learn more and get started with continual vulnerability scanning of your workloads, visit: