The Serverless resource has methods to enable and manage protection on serverless (Lambda) functions in AWS cloud accounts.

The process of enabling protection on serverless functions grants Dome9 permissions to obtain information about the functions.

Once protection is enabled, Dome9 can run risk assessments on the functions and apply runtime protection to them. There are methods to enable runtime protection (fsp) for an account, which applies to all functions in the account, or for individual functions.

This resource has methods to control runtime protection. Dome9 profiles the function to generate a whitelist of permitted actions. There are methods to add blacklist rules, which define prohibited actions, and exclusions, which are permitted actions that are added to the whitelist.

There are also methods to retrieve findings generated for the function, whether from risk assessment scans or from runtime protection events.

The AWS cloud account must be onboarded to Dome9 before protection can be enabled on its serverless functions.

See also

Enable Serverless Protection

Onboard an AWS Account