Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
RULESERVICE GROUP
  • M
That inbound traffic is allowed to a resource from any source instead of a restricted range
RDS
  • M
That inbound traffic is allowed to a resource from any source instead of a restricted range
Redshift
  • M
The API gateway will accept older TLS cipher suits
API Gateway (REST APIs)
  • M
The application load balancer is not set to drop invalid headers
ELB
  • M
The AWS kinesis server-side encryption is disabled
Kinesis
  • M
The data lake store is not encrypted at rest
Data Lake
  • M
The default network for a project should be deleted
Network
  • M
The ElastiCache replication group is not encrypted at rest
ElastiCache
  • M
The elasticsearch cluster is not encrypted at rest
ElasticSearch
  • M
The elasticsearch cluster will accept older TLS/SSL cipher suits
ElasticSearch
  • M
The Glue connection password stored in metadata is not encrypted
Glue
  • M
The inline security group rule allows open egress
VPC
  • M
The instance type does not support encryption at rest
ElasticSearch
  • M
The inter-cluster traffic will not be encrypted in transit
ElasticSearch
  • M
The inter-cluster traffic will not be encrypted in transit
MSK
  • M
The log_checkpoints setting is disabled on PostgreSQL DB
Cloud SQL
  • M
The log_disconnections setting is disabled on PostgreSQL DB
Cloud SQL
  • M
The log_lock_waits setting is disabled on PostgreSQL DB
Cloud SQL
  • M
The Neptune Cluster storage encrypted set by default to false
Neptune
  • M
Traffic Manager uses insecure probing protocol
Network
  • M
Traffic mirroring is session enabled
EC2
  • M
Transfer server is publicly accessible
Transfer
  • M
Uniform bucket-level access is disabled
Cloud Storage
  • M
User volumes in WorkSpace are not encrypted
WorkSpaces
  • M
Vault key expiration date is not set
Key Vault
  • M
Vault secret expiration date is not set
Key Vault
  • M
Virtual machine data disk (non-boot volume) is not encrypted
Compute
  • M
Virtual Machine has incorrect SKU size for production environment
Compute
  • M
Virtual machine legacy virtual hard disk is not encrypted
Compute
  • M
Virtual machine OS or data disk is not encrypted with customer-managed key
Compute