Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
All AWS service groups
Account Management
ACM
Amplify
API Gateway (REST APIs)
AppStream
AppSync
Athena
Batch
CloudFront
CloudTrail
CloudWatch
CodeBuild
Cognito
Config
DocumentDB
DynamoDB
EBS
EC2
ECR
ECS
EFS
EKS
ELB
EMR
ElastiCache
ElasticSearch
FSx
Glacier
Global Accelerator
Glue
IAM
Kinesis
KMS
Lambda
MQ
MSK
Neptune
QLDB
RDS
Redshift
S3
Sagemaker
Secrets Manager
SNS
SQS
SSM
Transfer
VPC
WAF
WorkSpaces
Azure
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
C
S3 Bucket should not be publicly readable and writable
S3
C
S3 policy grants all permissions to any principal
S3
H
S3 bucket ACL allows public access to S3 bucket storing CloudTrail log files
S3
H
S3 bucket does not have `ignore_public_acls` enabled
S3
H
S3 bucket has `restrict_public_buckets` disabled
S3
H
S3 bucket is publicly readable
S3
H
S3 Bucket is publicly readable
S3
M
S3 bucket access logging is not enabled on S3 buckets that store CloudTrail log files
S3
M
S3 bucket does not have all block public access options enabled
S3
M
S3 bucket has `block_public_acls` disabled
S3
M
S3 bucket has `block_public_policy` disabled
S3
M
S3 bucket is not encrypted
S3
M
S3 bucket MFA delete control is disabled
S3
M
S3 bucket object-level logging for read events is disabled
S3
M
S3 bucket object-level logging for write events is disabled
S3
M
S3 bucket policy allows list actions for all IAM principals and public users
S3
M
S3 bucket policy does not deny requests that use HTTP
S3
M
S3 bucket replication (cross-region or same-region) is not enabled
S3
M
S3 bucket versioning is disabled
S3
M
S3 object is not encrypted
S3
M
S3 server access logging is disabled
S3