Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

AWS

Expand this section

Azure

Expand this section

Google

Expand this section

Kubernetes

Report a new vulnerability
RULE SERVICE GROUP
  • M
Cloud SQL Instances is not Using Customer-Managed Encryption Keys
Cloud SQL
  • M
Compute firewall allows unrestricted SSH access
Compute Engine
  • M
Compute instance delete protection is disabled
Compute Engine
  • M
Compute instance uses the default service account with full access to all Cloud APIs
Compute Engine
  • M
Contained database authentication is enabled
Cloud SQL
  • M
Cross DB ownership chaining is enabled
Cloud SQL
  • M
Customer supplied encryption keys are not used to encrypt compute disk
Compute Engine
  • M
Customer-supplied encryption keys are not used to encrypt VM compute instance
Compute Engine
  • M
Dataflow Internal Traffic Restriction
Dataflow
  • M
Dataproc Clusters are not encrypted with Customer-Managed Encryption Keys
Dataproc
  • M
Default network automatically created
Cloud Platform
  • M
Default service account is used
Compute Engine
  • M
DNS managed zone DNSSEC key-signing keys should not use RSASHA1
Cloud DNS
  • M
DNS managed zone DNSSEC zone-signing keys should not use RSASHA1
Cloud DNS
  • M
DNSSEC is not enabled on managed zone
Cloud DNS
  • M
Dual-homed Compute instances should be checked
Compute Engine
  • M
Enable Cloud Audit logging for Cloud Storage buckets
Cloud Storage
  • M
Enable Logging for HTTP(S) Load Balancer
Compute Engine
  • M
Filestore instances must use Customer-Managed encryption keys
Filestore
  • M
GCP App Engine Firewall Rule allows public access
Network
  • M
GCP Compute Firewall allows public access
Network
  • M
GKE client certificate authentication is enabled
Kubernetes (Container) Engine
  • M
GKE cluster might be publicly exposed
Kubernetes (Container) Engine
  • M
GKE data encryption-at-rest is not enabled
Kubernetes (Container) Engine
  • M
GKE legacy endpoint enabled
Container
  • M
GKE Network Policies enforcement disabled
Kubernetes (Container) Engine
  • M
GKE Stack driver monitoring disabled
Kubernetes (Container) Engine
  • M
GKE Workload Identity is disabled
Container
  • M
Google Cloud Storage bucket is encrypted at rest
Cloud Storage
  • M
Google Compute Firewall Rules have unnecessary port ranges opened for inbound traffic
Compute Engine