Serverless Defender

Serverless Defender protects serverless functions at runtime. It monitors your functions to ensure they execute as designed.
Per-function policies let you control:
  • Process activity. Enables verification of launched subprocesses against policy.
  • Network connections. Enables verification of inbound and outbound connections, and permits outbound connections to explicitly allowed domains.
  • File system activity. Controls which parts of the file system functions can access.
Currently, Prisma Cloud supports AWS Lambda functions. The following runtimes are supported:
  • C# (.NET Core) 3.1
  • Java 8, 11
  • Node.js 12.x, 14.x
  • Python 3.6, 3.7, 3.8
  • Ruby 2.7
Currently, only users with the Administrator role can see the list of deployed Serverless Defenders in
Manage > Defenders > Manage

Securing serverless functions

To secure an AWS Lambda function, embed the Prisma Cloud Serverless Defender into it. The steps are:
  1. (Optional) If you are not using a deployment framework like SAM or Serverless Framework, download a ZIP file that contains your function source code and dependencies.
  2. Embed the Serverless Defender into the function.
  3. Deploy the new function or upload the updated ZIP file to AWS.
  4. Define a serverless protection runtime policy.
  5. Define a serverless WAAS policy.

(Optional) Download your function as a ZIP file

Download your function’s source code from AWS as a ZIP file.
  1. From Lambda’s code editor, click
    Actions > Export function
  2. Click
    Download deployment package
    Your function is downloaded to your host as a ZIP file.
  3. Create a working directory, and unpack the ZIP file there.
    In the next step, you’ll download the Serverless Defender files to this working directory.

Embed Serverless Defender into C# functions

In your function code, import the Serverless Defender library and create a new protected handler that wraps the original handler. The protected handler will be called by AWS when your function is invoked. Update the project configuration file to add Prisma Cloud dependencies and package references.
Prisma Cloud supports .NET Core 3.1.
  1. Open Compute Console, and go to