Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
Redis cache is accessible without authentication
Redis
M
Redis firewall rule allows public access
Redis
M
Redshift cluster logging is disabled
Redshift
M
Redshift DB is not encrypted
Redshift
M
Restrict API keys authentication in AWS AppSync GraphQL
AppSync
M
Role grants permissions to system reserved namespace
RoleBinding
M
Role with dangerous permissions
Role
M
Role with too wide permissions
Deployment
M
Role-Based Access Control on Azure Key Vault is not enabled
Key Vault
M
RoleBinding or ClusterRoleBinding is using a pre-defined role
RoleBinding
M
Roles and cluster roles should not grant 'create' permissions for pods
Role
M
Roles and cluster roles should not grant 'get', 'list', or 'watch' permissions for secrets
Service
M
Root block device is not encrypted
EC2
M
Root volume in WorkSpace is not encrypted
WorkSpaces
M
S3 bucket access logging is not enabled on S3 buckets that store CloudTrail log files
S3
M
S3 bucket does not have all block public access options enabled
S3
M
S3 bucket has `block_public_acls` disabled
S3
M
S3 bucket has `block_public_policy` disabled
S3
M
S3 bucket is not encrypted
S3
M
S3 bucket MFA delete control is disabled
S3
M
S3 bucket object-level logging for read events is disabled
S3
M
S3 bucket object-level logging for write events is disabled
S3
M
S3 bucket policy allows list actions for all IAM principals and public users
S3
M
S3 bucket policy does not deny requests that use HTTP
S3
M
S3 bucket replication (cross-region or same-region) is not enabled
S3
M
S3 bucket versioning is disabled
S3
M
S3 object is not encrypted
S3
M
S3 server access logging is disabled
S3
M
Sagemaker data capture location is not encrypted with customer managed key
Sagemaker
M
Sagemaker endpoint is not encrypted with customer managed key
Sagemaker
Previous
Next
