Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
All Azure service groups
API Management
App Service (Web Apps)
Authorization
Automation
Batch
CDN
Compute
Container
CosmosDB (DocumentDB)
Data Factory
Data Lake
Database
Key Vault
Monitor
Network
Redis
Role
Search
Security Center
Service Fabric
Storage
Synapse
Google
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
H
Public read access is enabled for storage containers and blobs
Storage
H
SAS token can be used over insecure HTTP
Storage
H
Storage account blob service soft delete is disabled
Storage
H
Storage account does not enforce HTTPS
Storage
H
Storage container allows public access
Storage
H
Storage queue service logging is disabled
Storage
M
Infrastructure Encryption is not enabled
Storage
M
Logging storage bucket retention policies and Bucket Lock should be configured
Storage
M
Network access bypass for Trusted Microsoft Services is not enabled on the storage account
Storage
M
SAS token has long expiry time
Storage
M
Storage account allows any traffic by default
Storage
M
Storage account containing activity logs is not encrypted with customer-managed keys
Storage
M
Storage account does not enforce latest TLS version
Storage
M
Storage account for critical data is not encrypted with customer managed keys
Storage
M
Storage account geo-replication is disabled
Storage
M
Storage Queue read logging is disabled
Storage
M
Virtual Machine unattached managed disks should be encrypted with Customer Managed Keys
Storage
M
Virtual Machines should use Managed Disks
Storage
