🔸 Serverless

CloudDefense serverless scan provides an AWS Lambda auditing in terms of statistical analysis, AWS service dependencies, and configuration checks from the security perspective.

Usage:

NAME:
cdefense serverless - Serverless scan of a given lambda function
USAGE:
cdefense serverless [command options] [arguments...]
OPTIONS:
--api-key value, -a value Api Key for Cloud Defense server ("75a81a24-adfc-4bfd-8b32-7562169a9759") as example
--project-name value, -p value Name of the project
--access-id value, -i value Access id from AWS
--access-secret value, -s value Access secret value from AWS
--function-name value, -f value ARN function name from AWS
--verbose, -v Detailed verbose messages (default: false)

Example:

cdefense serverless --api-key=<api-key> --project-name=<project name> --access-id=<id> --access-secret=<secret> --function-name=<ARN>

To check the work create a new account in AWS, deploy the vulnerable serverless application, and follow steps to get the required info