Imperva has launched Imperva Serverless Protection, a new product built to secure organizations from vulnerabilities created by misconfigured apps and code-level security risks in serverless computing environments. Designed with the developer and security team in mind, the new product is easily deployed as an AWS Lambda layer, protecting functions without changing code.
Built on Amazon Web Services (AWS), Imperva Serverless Protection is a fully integrated tool within AWS Lambda Extensions. The integration gives developers faster access to the new Imperva offering to provide an additional layer of security for their AWS Lambda environment.
Imperva Serverless Protection secures serverless functions from vulnerabilities embedded in first and third-party code — the underlying risk factor that can trigger a software supply chain attack.
The new product offers protections from misconfigurations, code-level risks, injections and weaknesses. It stops HTTP response splitting and method tampering, code injection, and other complex threats. It also monitors for insecure cookies and transport, logging of sensitive information, unauthorized network activity, weak authentication, and other potential vulnerabilities.
Also, Imperva Serverless Protection runtime monitoring gathers log-level information to provide forensic detail so security teams can fully understand the context of every attack with virtually no impact on latency. It also identifies and maps third-party dependencies used during runtime.