Homepage

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Report a new vulnerability
RULESERVICE GROUP
  • M
IAM password policy does not require minimum password length of 7 or does not include alphanumeric characters
IAM
  • M
IAM password policy minimum password length is too short
IAM
  • M
IAM policy is attached to user
IAM
  • M
IAM principal has no permissions boundary
IAM
  • M
IAM principal has overly permissive permissions boundary
IAM
  • M
IAM role used for trust relationship does not have MFA or external IDs
IAM
  • M
IAM user does not have MFA (virtual or hardware) enabled
IAM
  • M
IAM user is not a member of at least one group
IAM
  • M
IAM user login profile does not enforce resetting the generated password
IAM
  • M
Job bookmarks generated by Glue are not encrypted
Glue
  • M
KMS key does not have key rotation enabled
KMS
  • M
Lambda Functions are not deployed within a VPC
Lambda
  • M
Lambda functions missing provisioned concurrency configuration
Lambda
  • M
Lambda permission has wildcard principal
Lambda
  • M
Load balancer access logging is not enabled
ELB
  • M
Load balancer is internet facing
ELB
  • M
Multi-AZ is not turned on for RDS instance
RDS
  • M
Non-encrypted Athena DB at rest
Athena
  • M
Potentially sensitive variable in task definition
ECS
  • M
Public IPs are automatically mapped to instances
VPC
  • M
QLDB ledger permissions is set to ALLOW_ALL mode
QLDB
  • M
RDS Aurora cluster multi-AZ is not enabled
RDS
  • M
RDS automatic backup is disabled
RDS
  • M
RDS cluster is not using encrypted storage
RDS
  • M
RDS DB cluster parameter group configured with TLS Version below 1.2
RDS
  • M
RDS global cluster encryption is disabled
RDS
  • M
RDS IAM authentication is disabled
RDS
  • M
RDS instance 'Deletion Protection' is not enabled
RDS
  • M
RDS instance does not have FedRAMP approved database engine
RDS
  • M
RDS instance is not using encrypted storage
RDS