LambdaGuard is a tool which allows you to visualise and audit the security of your serverless assets, an open-source AWS Lambda Serverless Security Scanner.
AWS Lambda is an event-driven, serverless computing platform provided by Amazon Web Services. It is a computing service that runs code in response to events and automatically manages the computing resources required by that code.
LambdaGuard is an AWS Lambda auditing tool designed to create asset visibility and provide actionable results. It provides a meaningful overview in terms of statistical analysis, AWS service dependencies and configuration checks from the security perspective.
There are various common pitfalls in a serverless environment which LambdaGuard the lambda serverless security scanner can scan for and find such as:
- Poorly defined policies (Unrestricted Actions, Unrestricted Principal, Undefined Conditions)
- Public S3 buckets
- Public SQS queues
- Public API Gateway
It can also optionally run static code analysis on function source code (using SonarQube).
It outputs reports in JSON and/or HTML.
How to Install LambdaGuard AWS Lambda Serverless Security Scanner
>pip3 install lambdaguard
git clone https://github.com/Skyscanner/lambdaguard
sudo make install
You can download LambdaGuard here:
Or read more here.