Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
RULESERVICE GROUP
  • H
ECR repository policy allows broad permissions
ECR
  • H
ECS Container Insights is disabled
ECS
  • H
EKS cluster allows public access
EKS
  • H
Encryption key is exposed in instance template configuration
Compute Engine
  • H
Function app does not enforce HTTPS
App Service (Web Apps)
  • H
Geo-replication for Azure Container Images is disabled
Container
  • H
GKE control plane is publicly accessible
Container
  • H
IAM access key generated for `root` user
IAM
  • H
IAM policy allows privilege escalation
IAM
  • H
IAM policy grants full administrative rights
IAM
  • H
IAM policy has a statement block with a wildcard action
IAM
  • H
IAM role can be assumed by anyone in the account or anyone in any account
IAM
  • H
In transit encryption is disabled for Memory store instances
Redis
  • H
KMS key is openly accessible
Cloud KMS
  • H
KMS master key is publicly accessible
KMS
  • H
Lambda permission has wildcard action
Lambda
  • H
Logging is disabled on Kubernetes engine clusters
Kubernetes (Container) Engine
  • H
MariaDB server does not enforce SSL
Database
  • H
Memory store has Redis AUTH disabled
Redis
  • H
Microsoft Defender for Cloud security alert notifications are disabled
Security Center
  • H
MySQL Server does not enforce SSL
Database
  • H
MySQL server does not enforce TLS for connections
Database
  • H
Network policy does not restrict egress destinations
Deployment
  • H
Obsolete EC2-classic resource in use
VPC
  • H
Persistent disk is not encrypted at rest
Compute Engine
  • H
Policy allows `privileged` containers
Deployment
  • H
Policy does not restrict ingress sources
Network Policy
  • H
PostgreSQL Server does not enforce SSL
Database
  • H
PostgreSQL server does not enforce TLS connections
Database
  • H
Potentially sensitive variable in Lambda environment
Lambda