Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
Monitor log profile should be created
Monitor
M
MSSQL vulnerability assessment email notifications are disabled
Database
M
Multi-AZ is not turned on for RDS instance
RDS
M
MySQL allows loading local data
Cloud SQL
M
MySQL firewall rule allows public access
Database
M
MySQL server does not have minimum TLS version set to 1.2
Database
M
Network access bypass for Trusted Microsoft Services is not enabled on the storage account
Storage
M
Network security group allows public access
Network
M
Network security group flow log retention period is below 90 days
Network
M
Network security group permits ingress from '0.0.0.0/0' to port 3389 (RDP)
Network
M
Network security groups should not permit ingress from the internet to UDP ports
Network
M
Network security rule allows open egress
Network
M
Network security rule allows public access
Network
M
Non-encrypted Athena DB at rest
Athena
M
Object versioning is not enabled
Cloud Storage
M
OS Login is disabled
Compute Engine
M
Packet mirroring resource in use
Compute Engine
M
Periodic vulnerability assessment is not enabled on SQL server
Database
M
Pod is running with added capabilities
Deployment
M
Pod stores secrets in environment variables
Service
M
Pods and containers should apply a security context
Kubernetes (Container) Engine
M
Pods should not run containers with the NET_RAW capability
Container
M
Policy allows all capabilities
Pod Security Policy
M
Policy allows any apparmor profile
Deployment
M
Policy allows insecure seccomp profiles
Deployment
M
Policy allows sharing of host's Network namespace
Network
M
Policy allows sharing of host's PID namespace
Pod Security Policy
M
Policy does not prevent use of root group
Pod Security Policy
M
Policy does not prevent use of root user
Deployment
M
Policy does not restrict default capabilities
Pod Security Policy
Previous
Next
