Prisma Cloud Compute - Understanding Twistcli Scan Results for Lambda Functions in CI Pipelines
Created On 04/22/24 04:23 AM - Last Modified 12/12/24 17:45
Question
- Why does the twistcli serverless scan used in the CI phase to scan Lambda functions report 0 vulnerabilities (with the scan marked as "passed"), while the same function shows vulnerabilities when it is scanned at runtime?
For example:
Screenshot below: the Lambda function package scanned successfully in the CI pipeline, yet the Vulnerabilities count shows '0'.
Screenshot below: the same function scanned at runtime shows vulnerabilities in the scan results.
Environment
- Prisma Cloud and Compute
- AWS Lambda
- Serverless Function CI scan
Answer
- This is expected behavior. The CI-phase scan only inspects the function package as it exists in the pipeline at that point. An AWS Lambda function pulls in its dependencies when it is deployed and triggered, so those dependencies are not present in the package during the CI phase; with no dependencies to inventory, the scan reports 0 vulnerabilities and is marked "passed".
- The same reason explains the runtime result: when the function is scanned at runtime its dependencies are present, so the vulnerabilities found in those dependencies are reported.
- Practical consequence: a '0' from the CI scan should not be read as a clean bill of health for the function's dependencies. For the CI result to match the runtime result, the artifact handed to twistcli must contain the dependencies the function actually runs with (for example, with the packages vendored into the deployment zip), rather than only the source code that resolves them later.
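As an added check (example code written for this article, not code from the article itself or from Prisma Cloud), the script below inspects a Lambda deployment zip before it is handed to twistcli and reports whether the dependencies declared in its requirements.txt are actually vendored into the artifact. Two sample zips are constructed inline: one containing only source and a requirements.txt, which is what a CI stage typically produces, and one with the distributions installed alongside it. Detecting packages by their `<name>-<version>.dist-info/METADATA` entries is an assumption about what a scanner can inventory in a Python package, not a description of twistcli's internals; the function and package names are likewise made up for the example.

```python
"""Pre-check for a serverless CI scan: does the Lambda zip contain the
dependencies it declares? If not, a '0 vulnerabilities' result is vacuous."""
import io
import re
import zipfile

# A pip-installed distribution leaves "<name>-<version>.dist-info/METADATA"
# in the package; that metadata is what a scanner can inventory (assumption).
DIST_INFO_RE = re.compile(r"^([A-Za-z0-9_.]+)-([0-9][^/]*)\.dist-info/METADATA$")
# Characters that terminate the package name on a requirements.txt line.
REQ_NAME_END = re.compile(r"[\s=<>!~;\[]")


def _norm(name: str) -> str:
    """Normalise a distribution name the way pip compares them."""
    return name.lower().replace("_", "-")


def vendored_packages(zip_bytes: bytes) -> dict:
    """Map distribution name -> version for every vendored package in the zip."""
    found = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for entry in zf.namelist():
            m = DIST_INFO_RE.match(entry)
            if m:
                found[_norm(m.group(1))] = m.group(2)
    return found


def declared_requirements(zip_bytes: bytes) -> list:
    """Package names listed in a top-level requirements.txt, if the zip has one."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        if "requirements.txt" not in zf.namelist():
            return []
        text = zf.read("requirements.txt").decode("utf-8")
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()      # drop comments / blanks
        if not line or line.startswith("-"):      # skip pip options (-r, -e, ...)
            continue
        names.append(_norm(REQ_NAME_END.split(line, 1)[0]))
    return names


def assess(zip_bytes: bytes) -> dict:
    """Decide whether a '0 vulnerabilities' CI result for this zip means anything."""
    vendored = vendored_packages(zip_bytes)
    declared = declared_requirements(zip_bytes)
    missing = sorted(set(declared) - set(vendored))
    return {
        "vendored": vendored,
        "declared": declared,
        "missing": missing,
        # The CI scan only sees what runtime sees if nothing declared is absent.
        "scan_meaningful": not missing,
    }


def _zip(files: dict) -> bytes:
    """Build an in-memory zip from {path: content} (helper for the samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for path, content in files.items():
            zf.writestr(path, content)
    return buf.getvalue()


# Constructed sample handler and requirements (hypothetical function).
HANDLER = "import requests\n\ndef handler(event, context):\n    return requests.get(event['url']).status_code\n"
REQUIREMENTS = "requests==2.31.0\nboto3>=1.28  # AWS SDK\n"


def ci_package() -> bytes:
    """Constructed sample: what a CI stage typically scans (source only)."""
    return _zip({"handler.py": HANDLER, "requirements.txt": REQUIREMENTS})


def deployed_package() -> bytes:
    """Constructed sample: the same function with its dependencies vendored."""
    files = {"handler.py": HANDLER, "requirements.txt": REQUIREMENTS}
    for name, version in (("requests", "2.31.0"), ("boto3", "1.34.0"), ("urllib3", "2.0.7")):
        files[f"{name}-{version}.dist-info/METADATA"] = (
            f"Metadata-Version: 2.1\nName: {name}\nVersion: {version}\n"
        )
    return _zip(files)


if __name__ == "__main__":
    for label, pkg in (("CI artifact", ci_package()), ("deployed artifact", deployed_package())):
        r = assess(pkg)
        print(f"{label}: vendored={sorted(r['vendored'])} missing={r['missing']} "
              f"trust 0-vuln result={r['scan_meaningful']}")
```

Run this against the zip your pipeline actually passes to `twistcli serverless scan`; when `missing` is non-empty, the CI result cannot reflect the dependencies the function will run with, and the artifact should be rebuilt with those packages vendored before the scan result is trusted.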