View Scan Results
When your account is scanned, the Serverless page in the Panoptica platform shows a summary of the cloud accounts and functions, as well as the findings of the scan.
The CLOUD ACCOUNTS tab displays an inventory of the deployed accounts, and a summary of any Security Threats that have been discovered. In the case of AWS accounts, Panoptica will also scan the dependencies that your code uses and display any vulnerabilities.
You can manually trigger a vulnerability scan at any time by clicking 'Scan now' in the Action buttons in the last column. You can also schedule scans to be run at regular intervals via the 'Edit configuration' button.
The results can be filtered by Name and/or Region. You can configure which columns are displayed by clicking on the Columns symbol, in the upper right.
Panoptica identifies five types of Security Threats:
|Publicly accessible||The function can be triggered by an external user (open to the public), which may incur a risk of malicious manipulation.|
|Policy||The function's permissions are overly permissive for its purpose.|
|Secrets||The function's code includes passwords or keys in a readable format.|
|Unused functions||Panoptica has identified functions that have not been used in more than 30 days.|
|Data access||The function accesses a database, which could enable data injection or exfiltration.|
The number beside each icon indicates the number of instances of that threat. More details are available on the FUNCTIONS tab, detailed below.
The Vulnerabilities are also displayed as five icons, indicating their severity: Critical, High, Medium, Low, No known risk.
The FUNCTIONS tab displays an inventory of your serverless functions. This list shows the security threats and vulnerabilities that Panoptica has discovered in each function, and assigns an overall risk (FUNCTION RISK).
The results can be filtered by Function Name, Risk, and/or Cloud Account Name. You can configure which columns are displayed by clicking on the Columns symbol, in the upper right).
Click on a function to show additional details, including security risks (aggregated risk score) and known code vulnerabilities. Vulnerability scanning is only available in AWS at the moment.
Updated 1 day ago