Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
RULESERVICE GROUP
  • M
Wildcard principal has been specified in access policy
Secrets Manager
  • M
Wildcard principal has been specified in access policy
ElasticSearch
  • M
Wildcard principal specified in REST API access policy
API Gateway (REST APIs)
  • M
Windows Defender ATP (WDATP) integration in Security Center is disabled
Security Center
  • M
Windows VM scale set encryption at host is disabled
Compute
  • M
Workspaces is assigned public IP
WorkSpaces
  • M
X-ray tracing is disabled for Lambda function
Lambda
  • L
AKS cluster Network Policy feature is disabled
Container
  • L
App Service mutual TLS is disabled
App Service (Web Apps)
  • L
Cloud SQL for MySQL allows all users to see database names
Cloud SQL
  • L
Compute firewall allows open egress
Compute Engine
  • L
Container has no CPU limit
Deployment
  • L
Container is running with custom hosts file configuration
Deployment
  • L
Container is running with custom SELinux options
Deployment
  • L
Container is running with shared mount propagation
Deployment
  • L
Container is running without memory limit
Deployment
  • L
EC2 instance is not associated with IAM role and instance profile
EC2
  • L
ECS container definition mounts volumes with mount propagation set to "shared"
ECS
  • L
ECS task definition does not set CPU limit for containers
ECS
  • L
GKE Alias IP disabled
Kubernetes (Container) Engine
  • L
GKE cluster labels are missing
Kubernetes (Container) Engine
  • L
GKE Node Pool auto repair is disabled
Kubernetes (Container) Engine
  • L
GKE Node Pool auto upgrade disabled
Kubernetes (Container) Engine
  • L
GKE Node pool does not use a container-optimized OS
Kubernetes (Container) Engine
  • L
GKE PodSecurityPolicy controller is disabled
Kubernetes (Container) Engine
  • L
GKE Shield is disabled
Kubernetes (Container) Engine
  • L
IAM policies allow broad list actions on S3 buckets
IAM
  • L
IAM role attached to instance profile allows broad list actions on S3 buckets
EC2
  • L
Instance IP assignment is not set to private
Compute Engine
  • L
OS Login is disabled on instance
Compute Engine