Announcing New Additions to Module Risk and Security for AWS Lambda
To round out NSolid for AWS’s Lambda’s new Module Risk and Security feature NodeSource added the ability to render a package’s ReadMe files inside the module detail view!
This new feature is based on the NCM 2 Certification pipeline, which also powers the NCM 2 CLI.
How does this work?
When navigating to the Module List View, users will be able to select individual modules from the module list.
From there, you can navigate to the Module Details View:
From here, you’ll see a new option--the “Readme” tab--which allows you to see the README file of the selected module, right in the NodeSource platform UI:
The Readme is useful for:
Provide important context and references in case module upgrades, vulnerabilities, risk or security attributes are discovered.
NSolid for AWS Lambda’s Module Risk and Security
NSolid for AWS Lambda’s Module Risk and Security feature permits users to quickly assess, and manage the risk, security and compliance footprint of their lambda functions. This now includes a rendered version of the Readme files to deliver a more complete picture to package users, developers, and DevOps professionals.
As with development on any platform, using third-party libraries or packages is a common and useful way to speed up development and delivery of business functionality.
As this third-party open source code is typically created and maintained by community members, it’s not guaranteed that all code is well-maintained or secure. Moreover, individual third-party packages may be secure at the time they are added to your AWS Lambda function, but as with any code, there’s a chance that security vulnerabilities are uncovered or introduced over time.
N|Solid for AWS Lambda is the first-of-its-kind platform to provide compliance, risk and security reports for serverless functions running in production.
If you use Node.js on AWS Lambda, you should definitely check this out!