Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
All AWS service groups
Account Management
ACM
Amplify
API Gateway (REST APIs)
AppStream
AppSync
Athena
Batch
CloudFront
CloudTrail
CloudWatch
CodeBuild
Cognito
Config
DocumentDB
DynamoDB
EBS
EC2
ECR
ECS
EFS
EKS
ELB
EMR
ElastiCache
ElasticSearch
FSx
Glacier
Global Accelerator
Glue
IAM
Kinesis
KMS
Lambda
MQ
MSK
Neptune
QLDB
RDS
Redshift
S3
Sagemaker
Secrets Manager
SNS
SQS
SSM
Transfer
VPC
WAF
WorkSpaces
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
H
API Gateway allows anonymous access
API Gateway (REST APIs)
H
API Gateway cached responses are not encrypted
API Gateway (REST APIs)
H
Wildcard action specified in API Gateway access policy
API Gateway (REST APIs)
M
API Gateway access logging is disabled
API Gateway (REST APIs)
M
API Gateway authorizer caching TTL is not configured
API Gateway (REST APIs)
M
API Gateway caching is not enabled for REST APIs
API Gateway (REST APIs)
M
API Gateway classic custom domain does not use secure TLS protocol version (1.2 and above)
API Gateway (REST APIs)
M
API Gateway classic is not using authentication mechanisms
API Gateway (REST APIs)
M
API Gateway methods metrics are not enabled
API Gateway (REST APIs)
M
API Gateway Missing Rate Limiting and Throttling Controls
API Gateway (REST APIs)
M
API Gateway should require API key for access
API Gateway (REST APIs)
M
API Gateway X-Ray tracing is disabled
API Gateway (REST APIs)
M
The API gateway will accept older TLS cipher suits
API Gateway (REST APIs)
M
Wildcard principal specified in REST API access policy
API Gateway (REST APIs)