Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
All AWS service groups
Account Management
ACM
Amplify
API Gateway (REST APIs)
AppStream
AppSync
Athena
Batch
CloudFront
CloudTrail
CloudWatch
CodeBuild
Cognito
Config
DocumentDB
DynamoDB
EBS
EC2
ECR
ECS
EFS
EKS
ELB
EMR
ElastiCache
ElasticSearch
FSx
Glacier
Global Accelerator
Glue
IAM
Kinesis
KMS
Lambda
MQ
MSK
Neptune
QLDB
RDS
Redshift
S3
Sagemaker
Secrets Manager
SNS
SQS
SSM
Transfer
VPC
WAF
WorkSpaces
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
H
Logging is disabled on Kubernetes engine clusters
Kubernetes (Container) Engine
M
EKS control plane logging insufficient.
Kubernetes (Container) Engine
M
GKE client certificate authentication is enabled
Kubernetes (Container) Engine
M
GKE cluster might be publicly exposed
Kubernetes (Container) Engine
M
GKE data encryption-at-rest is not enabled
Kubernetes (Container) Engine
M
GKE Network Policies enforcement disabled
Kubernetes (Container) Engine
M
GKE Stack driver monitoring disabled
Kubernetes (Container) Engine
M
Kubernetes Cluster is not VPC-Native.
Kubernetes (Container) Engine
M
Legacy ABAC is enabled
Kubernetes (Container) Engine
M
Pods and containers should apply a security context
Kubernetes (Container) Engine
L
GKE Alias IP disabled
Kubernetes (Container) Engine
L
GKE cluster labels are missing
Kubernetes (Container) Engine
L
GKE Node Pool auto repair is disabled
Kubernetes (Container) Engine
L
GKE Node Pool auto upgrade disabled
Kubernetes (Container) Engine
L
GKE Node pool does not use a container-optimized OS
Kubernetes (Container) Engine
L
GKE PodSecurityPolicy controller is disabled
Kubernetes (Container) Engine
L
GKE Shield is disabled
Kubernetes (Container) Engine
