LambdaGuard is a tool which allows you to visualise and audit the of your serverless assets, an open-source AWS Lambda Serverless Scanner.

LambdaGuard -  AWS Lambda Serverless Security Scanner  - LambdaGuard AWS Lambda Serverless Security Scanner 640x305 - LambdaGuard – AWS Lambda Serverless Security Scanner

AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.

LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results. It provides a meaningful overview in terms of statistical analysis, AWS service dependencies and configuration checks from the security perspective.

There are various common pitfalls in a serverless environment which LambdaGuard the lambda serverless security scanner can scan for and find such as:

  • Poorly defined policies (Unrestricted Actions, Unrestricted Principal, Undefined Conditions)
  • Public S3 buckets
  • Public SQS queues
  • Public API Gateway

It can also optionally run static code analysis on function source code (using SonarQube).

It outputs reports in JSON and/or HTML.

How to Install LambdaGuard AWS Lambda Serverless Security Scanner

From PyPI



From Github



You can download LambdaGuard here:

LambdaGuard-master.zip

Or read more here.



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here