Amazon Inspector now supports code scanning of Lambda functions, expanding the existing capability to scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this expanded capability, Amazon Inspector now also scans your custom proprietary application code within a Lambda function for code security vulnerabilities such as injection flaws, data leaks, weak cryptography, or missing encryption based on AWS security best practices. Upon detecting code vulnerabilities within the Lambda function or layer, Amazon Inspector generates actionable security findings that provide several details, such as security detector name, impacted code snippets, and remediation suggestions to address vulnerabilities. All findings are aggregated in the Amazon Inspector console and seamlessly routed to AWS Security Hub, and pushed to Amazon EventBridge to automate workflows.
Source:: Amazon AWS