https://aws.amazon.com/polly/ https://aws.amazon.com/inspector/ is a vulnerability management service that continually scans workloads across https://aws.amazon.com/ec2/ instances, container images living in https://aws.amazon.com/ecr/, and, starting today, https://aws.amazon.com/lambda/ functions and Lambda layers. Until today, customers that wanted to analyze their mixed workloads (including EC2 instances, container images, and Lambda functions) against common vulnerabilities needed to use AWS and third-party tools.

Amazon Inspector scans functions and layers initially upon deployment and automatically rescans them when there are changes in the workloads, for example, when a Lambda function is updated or when a new vulnerability (https://cve.mitre.org/) is published.

If you are using third-party layers, Amazon Inspector also scans them for vulnerabilities. You can see the findings for the different functions in the Amazon Inspector Findings console filtered By Lambda function.

Related Articles