Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
DNSSEC is not enabled on managed zone
Cloud DNS
M
Docdb cluster is not encrypted with customer managed key
DocumentDB
M
DocDB is not encrypted
DocumentDB
M
Dual-homed Compute instances should be checked
Compute Engine
M
DynamoDB Acceleration (DAX) is not encrypted
DynamoDB
M
DynamoDB does not have Point-in-Time Recovery enabled
DynamoDB
M
DynamoDB table is not encrypted with customer managed KMS key
DynamoDB
M
EBS encryption by default is disabled
EBS
M
EBS snapshot is not encrypted
EC2
M
EBS volume is not encrypted
EBS
M
EC2 API termination protection is not enabled
EC2
M
EC2 instance accepts IMDSv1
EC2
M
EC2 instance has public IP assigned
EC2
M
EC2 instance is missing SSM agent association
EC2
M
EC2 is unable to replace unhealthy instances
EC2
M
ECR enhanced scanning is not enabled
ECR
M
ECR image scanning is disabled
ECR
M
ECR Registry allows mutable tags
ECR
M
ECR repository is not encrypted with customer managed key
ECR
M
ECR Repository Missing Lifecycle Policy
ECR
M
ECS task definition does not limit memory usage for containers
ECS
M
ECS task definition does not mount the container's root filesystem as read-only
ECS
M
ECS task definition has 'NET_RAW' capability
ECS
M
ECS task definition is not configured with a health check
ECS
M
ECS task definition mounts sensitive host system directories
ECS
M
ECS task definition uses the root user
ECS
M
ECS task is not configured with a health check
ECS
M
EFS in task definition does not encrypt data in transit
ECS
M
EFS system file is not encrypted
EFS
M
Egress Rule Not Configured to Restrict Outbound Traffic
VPC
Previous
Next
