Virsec DevSecOps serverless scan provides an AWS Lambda auditing in terms of statistical analysis, AWS service dependencies, and configuration checks from the security perspective.






VSP Defense serverless - Serverless scan of a given lambda function


vsp_defense serverless [command options] [arguments...]



--api-key value,-a valueApi Key for Cloud Defense server ("75a81a24-adfc-4bfd-8b32-7562169a9759") as example

--project-name value,-p value Name of the project

--access-id value,-i valueAccess id for AWS

--access-secret value,-s valueAccess secret value for AWS

--function-name value,-f value ARN function name for AWS

--verbose, -vDetailed verbose messages (default: false)













vsp_defense serverless --api-key=<api_key> --project-name="project name" --access-id=<id> --access-secret=<secret> --function-name=<ARN>




To check the work create a new account in AWS, deploy the vulnerable serverless application, and follow steps to get the required info