Serverless Compatibility Requirements
Application Security provides serverless capability for the following platforms and libraries:
AWS Lambda
Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.
Type | Threat Detection | Software Composition Analysis (SCA) | Code Security |
---|
Java | | | |
.NET | | | |
Node | | | |
Python | | | |
Ruby | | | |
PHP | | | |
Go | | | |
Supported trigger types
Threat Detection supports HTTP requests as function input only, as that channel has the highest likelihood of attackers exploiting a serverless application. HTTP requests typically come from AWS services such as:
- Application Load Balancer (ALB)
- API Gateway v1 (Rest API)
- API Gateway v2 (HTTP API)
- Function URL
If you would like to see support added for any of the unsupported capabilities, fill out this
form to send feedback.
- Node.js
- If you are bundling using webpack or esbuild, follow the specific bundler instructions.
- Python
- Java
- To fully instrument your serverless application with distributed tracing, your Java Lambda functions must use the Java 8 Corretto (
java8.al2
), Java 11 (java11
) or Java 17 (java17
) runtimes with at least 1024MB of memory. - If you use the Datadog Lambda layers
dd-trace-java:4
(or older) and Datadog-Extension:24
(or older), follow the instructions in Upgrade Instrumentation for Java Lambda Functions. - Go
- .NET
Google Cloud Run
Google Cloud Run support for Application Security serverless is in Preview.
Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.
Type | Threat Detection | Software Composition Analysis | Code Security |
---|
Java | Preview | Preview | |
.NET | Preview | Preview | |
Node | Preview | Preview | |
Python | Preview | Preview | |
Ruby | Preview | Preview | |
PHP | | | |
Go | Preview | Preview | |
Azure App Service
Only web applications are supported. Azure Functions are not supported.
Note: Threat Protection through Remote Configuration is not supported. Use Workflows to block IPs in your WAF.
Type | OS | Threat Detection | Software Composition Analysis | Code Security |
---|
Java | Windows, Linux | | | |
.NET | Windows, Linux | | | |
Node | Linux | | | |
Python | Linux | | | |
Ruby | Linux | | | |
PHP | Linux | | | |