Posted On: Feb 28, 2023
Amazon Inspector now supports code scanning of Lambda functions, expanding the existing capability to scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this expanded capability, Amazon Inspector now also scans the custom proprietary application code within a Lambda function for code security vulnerabilities such as injection flaws, data leaks, weak cryptography, or missing encryption based on AWS security best practices. When code vulnerabilities are identified in the Lambda function or layer, Inspector generates actionable security findings along with impacted code snippets and remediation guidance. All findings are aggregated in the Amazon Inspector console, routed to AWS Security Hub, and pushed to Amazon EventBridge to automate workflows.
During the preview period, Lambda code scanning is available in five AWS Regions: US East (N. Virginia), US East (Ohio), US West (Oregon), Europe (Frankfurt), and Europe (Ireland) at no additional cost to customers. Learn more about our Lambda scanning capabilities here.
Amazon Inspector is a vulnerability management service that continually scans AWS workloads for software vulnerabilities, code vulnerabilities, and unintended network exposure across your entire AWS Organization. Once activated, Amazon Inspector automatically discovers all of your Amazon Elastic Compute Cloud (EC2) instances, container images in Amazon Elastic Container Registry (ECR), and AWS Lambda functions, at scale, and continuously monitors them for known vulnerabilities, giving you a consolidated view of vulnerabilities across your compute environments.
To learn more and get started with continual vulnerability scanning of your workloads, visit: