Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
H
ECR repository policy allows broad permissions
ECR
H
ECS Container Insights is disabled
ECS
H
EKS cluster allows public access
EKS
H
Encryption key is exposed in instance template configuration
Compute Engine
H
Function app does not enforce HTTPS
App Service (Web Apps)
H
Geo-replication for Azure Container Images is disabled
Container
H
GKE control plane is publicly accessible
Container
H
IAM access key generated for `root` user
IAM
H
IAM policy allows privilege escalation
IAM
H
IAM policy grants full administrative rights
IAM
H
IAM policy has a statement block with a wildcard action
IAM
H
IAM role can be assumed by anyone in the account or anyone in any account
IAM
H
In transit encryption is disabled for Memory store instances
Redis
H
KMS key is openly accessible
Cloud KMS
H
KMS master key is publicly accessible
KMS
H
Lambda permission has wildcard action
Lambda
H
Logging is disabled on Kubernetes engine clusters
Kubernetes (Container) Engine
H
MariaDB server does not enforce SSL
Database
H
Memory store has Redis AUTH disabled
Redis
H
Microsoft Defender for Cloud security alert notifications are disabled
Security Center
H
MySQL Server does not enforce SSL
Database
H
MySQL server does not enforce TLS for connections
Database
H
Network policy does not restrict egress destinations
Deployment
H
Obsolete EC2-classic resource in use
VPC
H
Persistent disk is not encrypted at rest
Compute Engine
H
Policy allows `privileged` containers
Deployment
H
Policy does not restrict ingress sources
Network Policy
H
PostgreSQL Server does not enforce SSL
Database
H
PostgreSQL server does not enforce TLS connections
Database
H
Potentially sensitive variable in Lambda environment
Lambda
Previous
Next
