Amazon Inspector, a vulnerability management service from Amazon Web Services (AWS), has announced the expansion of its code scanning capability for Lambda functions. The new feature will let customers scan custom proprietary application code within a Lambda function, based on AWS security best practices, for code security vulnerabilities such as injection flaws, data leaks, weak cryptography, or missing encryption.
Previously, Amazon Inspector could scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this update, the service will also be able to generate actionable security findings, along with impacted code snippets and remediation guidance, when vulnerabilities are identified in the Lambda function or layer. All findings are aggregated in the Amazon Inspector console, routed to AWS Security Hub, and pushed to Amazon EventBridge to automate workflows.
Code scans for Lambda functions within Amazon Inspector now in preview 👉 When vulnerabilities are identified, Inspector generates actionable security findings with impacted code snippets and remediation guidance https://t.co/qv3x2U5Gjk #AWS #Serverless #Security #DevOps
— Danilo Poccia (@danilop) March 1, 2023