Introducing LambdaGuard — a security scanner for AWS Lambda

We’ve built a tool which allows you to visualise and audit the security of your serverless assets — and now we’re open-sourcing it, too

Love security? Padlocks locking down relationships on the Pont Des Arts in Paris, France

Lambdas

Versions and aliases

Versioning in Lambdas

Layers

Lambda layers

Resource-based policy

Resource-based policy example

Execution Role policy

Execution role policy

Serverless services — examples

AWS’ Shared Responsibility Model

Policies

Definition

Common pitfalls

Unrestricted Actions

Unrestricted Principal

Undefined Condition

Other Pitfalls

Serverless vulnerabilities — some examples

Public S3 buckets

Public SQS queues

Public API Gateway

LambdaGuard: AWS serverless security

Reporting

JSON

Findings stats
Description of findings

HTML

Statistics dashboard
List of findings
Detailed description of findings

Discussion and conclusion

Join Skyscanner, see the world

We’re hiring!

About the author

We are the engineers at Skyscanner, the company changing how the world travels. Visit skyscanner.net to see how we walk the talk!
