Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
All AWS service groups
Account Management
ACM
Amplify
API Gateway (REST APIs)
AppStream
AppSync
Athena
Batch
CloudFront
CloudTrail
CloudWatch
CodeBuild
Cognito
Config
DocumentDB
DynamoDB
EBS
EC2
ECR
ECS
EFS
EKS
ELB
EMR
ElastiCache
ElasticSearch
FSx
Glacier
Global Accelerator
Glue
IAM
Kinesis
KMS
Lambda
MQ
MSK
Neptune
QLDB
RDS
Redshift
S3
Sagemaker
Secrets Manager
SNS
SQS
SSM
Transfer
VPC
WAF
WorkSpaces
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
EKS control plane logging insufficient.
Kubernetes (Container) Engine
M
ElastiCache cluster automatic backup is disabled
ElastiCache
M
Elasticache cluster can be accessed without authentication token
ElastiCache
M
ELB does not enforce latest TLS/SSL policy
ELB
M
ELB does not enforce latest TLS/SSL policy
ELB
M
ELB listener security group is set to TCP all
ELB
M
ELBv1 load balancer cross zone load balancing is not enabled
ELB
M
Enable Auto Minor Version Upgrade for RDS Instances
RDS
M
Enable Cloud Audit logging for Cloud Storage buckets
Cloud Storage
M
Enable Logging for HTTP(S) Load Balancer
Compute Engine
M
Enable SQL database Transparent Data Encryption
Database
M
Encryption at rest disabled in EMR security configuration
EMR
M
Encryption is not enforced at the region level
EBS
M
Ensure Amazon FSx Lustre retention backup period is set to 15 days
FSx
M
Events performed within your DocumentDB Cluster will not be logged using Amazon CloudWatch Logs
DocumentDB
M
ExpressRoute virtual network gateway does not use an availability zone SKU
Network
M
Filestore instances must use Customer-Managed encryption keys
Filestore
M
Firewall application rule allows public access
Network
M
Firewall network rule collection allows public access
Network
M
Front Door WAF is disabled
Network
M
Function app built-in authentication is disabled
App Service (Web Apps)
M
Function app logging is disabled
App Service (Web Apps)
M
GCP App Engine Firewall Rule allows public access
Network
M
GCP Compute Firewall allows public access
Network
M
GKE client certificate authentication is enabled
Kubernetes (Container) Engine
M
GKE cluster might be publicly exposed
Kubernetes (Container) Engine
M
GKE data encryption-at-rest is not enabled
Kubernetes (Container) Engine
M
GKE legacy endpoint enabled
Container
M
GKE Network Policies enforcement disabled
Kubernetes (Container) Engine
M
GKE Stack driver monitoring disabled
Kubernetes (Container) Engine
Previous
Next