Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
All Azure service groups
API Management
App Service (Web Apps)
Authorization
Automation
Batch
CDN
Compute
Container
CosmosDB (DocumentDB)
Data Factory
Data Lake
Database
Key Vault
Monitor
Network
Redis
Role
Search
Security Center
Service Fabric
Storage
Synapse
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
C
App Service web app allows HTTP traffic
App Service (Web Apps)
H
App Service allows FTP deployments
App Service (Web Apps)
H
Azure App Service allows HTTP traffic
App Service (Web Apps)
H
Function app does not enforce HTTPS
App Service (Web Apps)
M
App Configuration does not use an SLA
App Service (Web Apps)
M
App Service does not use production-level SKU
App Service (Web Apps)
M
App Service HTTP/2 is disabled
App Service (Web Apps)
M
App Service is not running latest .NET version
App Service (Web Apps)
M
App Service is not running latest Java version
App Service (Web Apps)
M
App Service is not running latest PHP version
App Service (Web Apps)
M
App Service is not running latest Python version
App Service (Web Apps)
M
App Service Plan does not use two or more instances
App Service (Web Apps)
M
App Service remote debugging is enabled
App Service (Web Apps)
M
App Service web app authentication is not enabled
App Service (Web Apps)
M
App Service web app does not have 'Minimum TLS Version' set to '1.2'
App Service (Web Apps)
M
App Service web app does not use a managed identity
App Service (Web Apps)
M
Function app built-in authentication is disabled
App Service (Web Apps)
M
Function app logging is disabled
App Service (Web Apps)
L
App Service mutual TLS is disabled
App Service (Web Apps)
