The GCP Cloud Functions security scan on Vectrix detects a variety of Cloud Functions security issues in a connected GCP organization or project that could be leaving you vulnerable. This includes function misconfigurations, over-permissioning, suspicious activity, and other security issues.
Scan on-demand to detect active Cloud Functions security issues that you have.
Monitor continuously to get alerted about new function security issues in the future.
Don't know how Cloud Functions work? Read more below.
What this scan detects
Functions with admin permissions
Having Cloud Functions with administrator permissions can be problematic as the function can potentially be leveraged maliciously to access, modify, and delete data and configurations across your GCP organization or project.
Deletion of a function
Deletion of a function could be problematic as it is a potential warning sign of unauthorized activity in your GCP organization or project. Use Monitoring to receive this finding.
Disabled data access audit logs
A Cloud Function with data access audit logs disabled could be problematic as data access logs are not collected, meaning that any modifications or improper access would not be recorded for later review.