Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
All Google service groups
App Engine
Artifact Registry
BigQuery
Cloud DNS
Cloud Functions
Cloud KMS
Cloud Platform
Cloud SQL
Cloud Storage
Compute Engine
Compute
Container
Dataflow
Dataproc
Filestore
IAM
Kubernetes (Container) Engine
Monitor
Network
Redis
Secrets Manager
Storage
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
M
BigQuery Dataset is not encrypted with Customer-Managed Encryption Key
BigQuery
M
Broad IAM permissions in IAM policy
IAM
M
Cloud Functions are not encrypted with customer-managed encryption keys
Cloud Functions
M
Cloud Functions ingress is not set to internal-only traffic
Cloud Functions
M
Cloud IAM not configured for CloudSQL instance
Cloud SQL
M
Cloud SQL instance backup is disabled
Cloud SQL
M
Cloud SQL instance is publicly accessible
Cloud SQL
M
Cloud SQL Instances is not Using Customer-Managed Encryption Keys
Cloud SQL
M
CloudFront access logging is disabled
CloudFront
M
CloudFront distribution custom origin does not use secure TLS protocol version (1.2 and above)
CloudFront
M
CloudFront distribution does not have geo-restrictions specified
CloudFront
M
CloudFront distribution is not protected by WAF
CloudFront
M
CloudFront distribution viewer certificate does not enforce latest TLS/SSL policy
CloudFront
M
CloudTrail does not have log file validation enabled
CloudTrail
M
CloudTrail is not enabled for all regions
CloudTrail
M
CloudTrail is not integrated with CloudWatch
CloudTrail
M
CloudTrail logs are not encrypted with customer managed key
CloudTrail
M
CloudTrail trail is associated with missing SNS topic
CloudTrail
M
CloudTrail trail is not configured to log data events for S3 buckets
CloudTrail
M
CloudWatch alarm has no actions enabled
CloudWatch
M
CloudWatch log group is not encrypted with customer managed key
CloudWatch
M
CloudWatch log group retention period is not set
CloudWatch
M
CloudWatch log metric filter and alarm are not set for changes to VPC NACLs
CloudWatch
M
CloudWatch log metric filter and alarm are not set for changes to VPC network gateways
CloudWatch
M
CloudWatch log metric filter and alarm are not set for CloudTrail configuration changes
CloudWatch
M
Cloudwatch log metric filter and alarm are not set for Config configuration changes
CloudWatch
M
CloudWatch log metric filter and alarm are not set for denied connections in VPC flow logs
CloudWatch
M
CloudWatch log metric filter and alarm are not set for disabling or scheduled deletion of customer managed KMS keys
CloudWatch
M
CloudWatch log metric filter and alarm are not set for IAM policy changes
CloudWatch
M
CloudWatch log metric filter and alarm are not set for Management Console authentication failures
CloudWatch
Previous
Next
