AWS Serverless and IAM security checks

Reply
Highlighted
L1 Bithead

AWS Serverless and IAM security checks

Hello Prisma Cloud Experts,

 

I'm fairly new to CWPP and tried some native and free options and looking at commercial products now. VNETs, Traditional compute and private endpoints are not difficult to grasp, while the transition to serverless is slightly more complex.

 

What parts of the Prisma Cloud product should the customer use when assessing Serverless Lambda security?

Am I right understanding what with regards to AWS Serverless there are two modes - initial assessment (can be done without any modifications to Lambda) and continuous protection (requires some additional code to be added). What about checking IAM rules for security? Are there features in the Prisma Cloud adding additional value on the top of IAM Analizer? Is there a built-in code review for Lambda?

 

Lastly, can you please confirm that all features from PureSec, Twistlock, Evident.io and the rest are fully integrated (or perhaps discontinued) - and the only place I should be reading/looking is documentation at https://docs.paloaltonetworks.com/prisma/prisma-cloud

 

Perhaps there are too many questions for one post, and I should do my own research first. Just trying easy option asking experts first

 

Regards,

Serg

Highlighted
L1 Bithead

I think i found an answer to one of my questions in Prisma Cloud Licensing and Editions Guide

 

Serverless Defender licensed per millions of invocations:

SergGur_0-1597319999246.png

Serverless function config checks are not counted (no license consumption)

SergGur_1-1597320047029.png

 

 

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!