View all serverless functions assets within your asset inventory.
The Serverless Functions asset inventory provides a centralized view of all serverless functions and their details across your environments. The platform enables efficient tracking and management of your serverless function resource, ensuring compliance with security and governance standards. You can directly access serverless function issues and findings within the inventory, allowing you to prioritize and remediate them without having to navigate to a separate remediation section.
To access serverless function assets, under Inventory, select → → .
The Serverless Functions assets inventory includes a dashboard with provider, class, and category widgets displayed by default, and an inventory table. Selecting a widget automatically filters the inventory table based on the widget's criteria.
The inventory table includes general asset properties, as well as these unique attributes:
Property/attribute | Description |
|---|---|
Category | Serverless Functions |
Type |
|
Class | Serverless functions belong to the Compute asset class |
The serverless function summary, displayed at the top of the card, provides concise details about the serverless function including cloud provider, category, region and account ID.
The Overview tab summarizes serverless function highlights, properties, scan management details and provides a list of entities with access to the serverless function.
Highlights include:
Critical/High issues: An aggregation of critical and high issues associated with the serverless function. Clicking on this property redirects to the Issues page, filtered by specific asset and severity level
Visibility timeline: When the serverless function was first and last detected
Risk summary: The risks associated with the serverless function, grouped by category (cases, issues and findings). Each category includes the total number of associated risks, as well as a specific count for each severity level
Properties include:
Identification and Location: Includes identifying information and cloud location of the serverless function: Name, ID (such as ArN in AWS), cloud provider, cloud region and account ID
Configuration and Environment: Includes the fundamental setup and execution context of the serverless function. It includes the function category, type (the specific serverless compute service being used such as AWS Lambda, Azure Functions, Google Cloud Functions) and runtime (such as Python and Node.js)
Scan management: Includes information about the last scan, including date, scanner name, version and scan status.
Identities with access to this asset: Lists the top most privileged identities on the asset, ranked by their recent activity and highlighting those who have recently used their high-level permissions.
The SBOM tab displays details about the Software Bill of Materials (SBOM) that was generated by the scanning process. Exposed properties include Type, Name, Binary Packages, Version, Path and License.
Export SBOM: You can export the entire SBOM, or selected attributes from any of the tabs in the expanded card: Select → . Supported formats: XML, json.
The Access tab includes two inventories:
Access permissions (Who can access this asset): Exposed properties include Source, Grantor, Access Levels, Access to Data Labels, Last Used, Permission Scope and Excessive Policies
Identity access scope (Where can this identity access): Exposed properties include Grantor, Destination, Access Level, Last Used, Access to Data Labels, Configured By and Destination ID
The Vulnerabilities tab provides inventories for Findings and Packages, enabling you to assess potential risks and prioritize remediation efforts.
Findings: Displays a list of findings, along with their associated CVE ID and description, EPSS score, CVSS score and severity, CVE risk factors, affected software and fix versions, when available
Packages: Displays a list of packages, their name and version, the total number of vulnerabilities found within each package, a breakdown of vulnerabilities by severity level and count, their EPSS (Exploit Prediction Scoring System), which estimates the likelihood of exploitation, CVSS (Common Vulnerability Scoring System), which rates the technical severity of the vulnerability, location, base image vulnerability, and whether a fix is available
Note
For details of all serverless function issues generated by Cortex Cloud from vulnerability findings, refer to Serverless function usage.