Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
RULESERVICE GROUP
  • M
Sagemaker notebook is not encrypted with customer managed key
Sagemaker
  • M
SAS token has long expiry time
Storage
  • M
Secret is not encrypted with customer managed key
Secrets Manager
  • M
Secrets Manager is not encrypted with customer managed key
Secrets Manager
  • M
Secrets Manager secrets must have automatic rotation enabled
Secrets Manager
  • M
Security Center contact email is not set
Security Center
  • M
Security Center default policy setting 'Monitor Disk Encryption' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor Endpoint Protection' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor Network Security Groups' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor OS Vulnerabilities' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor SQL Auditing' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor System Updates' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor Vulnerability Assessment' is not enabled
Security Center
  • M
Security Center default policy setting 'Monitor Web Application Firewall' should be enabled
Security Center
  • M
Security Center default policy setting "Monitor Adaptive Application Whitelisting" is not enabled
Security Center
  • M
Security Center default policy setting "Monitor JIT Network Access" is not enabled
Security Center
  • M
Security Center default policy setting "Monitor SQL Encryption" is not enabled
Security Center
  • M
Security Center default policy setting "Monitor Storage Blob Encryption" should be enabled
Security Center
  • M
Security Center does not have contact phone number set
Security Center
  • M
Security Center pricing tier is set to Free
Security Center
  • M
Security Center setting 'All users with the following roles' is not set to 'Owner'
Security Center
  • M
Security group description is missing
VPC
  • M
Security group rule allows open egress
VPC
  • M
Security policy allows all volume types
Pod Security Policy
  • M
Security policy allows privilege escalation
Pod Security Policy
  • M
Security policy allows sharing of host's IPC namespace
Pod Security Policy
  • M
Serial port is enabled
Compute Engine
  • M
Service account uses user-managed service account keys
Network
  • M
Service does not restrict ingress sources
Service
  • M
Service Fabric does not use active directory authentication
Service Fabric