Aqua Security Serverless Functions is a security solution designed to protect serverless functions throughout their lifecycle. The product provides vulnerability scanning capabilities that check functions for CVEs, malware, and exposed secrets using continuously updated threat intelligence sources. It integrates into CI/CD pipelines to enable early-stage security testing during the build process. The platform addresses permission management by identifying over-provisioned permissions and monitoring for unused permissions and roles over time. It includes assurance policies that control which functions can be deployed based on security criteria such as vulnerability scores, permissions, malware presence, and configuration issues. For runtime protection, the product deploys NanoEnforcers to AWS Lambda functions to block code injection attempts and unauthorized executables. It also uses function-embedded honeypots to detect indicators of compromise. The solution provides visibility into running functions and helps prevent OWASP top 10 serverless threats. The platform centralizes serverless security with cloud-native application and infrastructure security through unified policy management. It supports AWS Lambda environments and is part of Aqua's broader Cloud Native Application Protection Platform (CNAPP) offering.