Cloud Security Rules

Find out if you have vulnerabilities that put you at risk

RULE	SERVICE GROUP
H Public read access is enabled for storage containers and blobs	Storage
H SAS token can be used over insecure HTTP	Storage
H Storage account blob service soft delete is disabled	Storage
H Storage account does not enforce HTTPS	Storage
H Storage container allows public access	Storage
H Storage queue service logging is disabled	Storage
M Infrastructure Encryption is not enabled	Storage
M Network access bypass for Trusted Microsoft Services is not enabled on the storage account	Storage
M SAS token has long expiry time	Storage
M Storage account allows any traffic by default	Storage
M Storage account containing activity logs is not encrypted with customer-managed keys	Storage
M Storage account does not enforce latest TLS version	Storage
M Storage account for critical data is not encrypted with customer managed keys	Storage
M Storage account geo-replication is disabled	Storage
M Storage Queue read logging is disabled	Storage
M Virtual Machine unattached managed disks should be encrypted with Customer Managed Keys	Storage
M Virtual Machines should use Managed Disks	Storage