Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
All Google service groups
App Engine
Artifact Registry
BigQuery
Cloud DNS
Cloud Functions
Cloud KMS
Cloud Platform
Cloud SQL
Cloud Storage
Compute Engine
Compute
Container
Dataflow
Dataproc
Filestore
IAM
Kubernetes (Container) Engine
Monitor
Network
Redis
Secrets Manager
Storage
Kubernetes
Report a new vulnerability
RULE
SERVICE GROUP
H
Public read access is enabled for storage containers and blobs
Storage
H
SAS token can be used over insecure HTTP
Storage
H
Storage account blob service soft delete is disabled
Storage
H
Storage account does not enforce HTTPS
Storage
H
Storage container allows public access
Storage
H
Storage queue service logging is disabled
Storage
M
Infrastructure Encryption is not enabled
Storage
M
Logging storage bucket retention policies and Bucket Lock should be configured
Storage
M
Network access bypass for Trusted Microsoft Services is not enabled on the storage account
Storage
M
SAS token has long expiry time
Storage
M
Storage account allows any traffic by default
Storage
M
Storage account containing activity logs is not encrypted with customer-managed keys
Storage
M
Storage account does not enforce latest TLS version
Storage
M
Storage account for critical data is not encrypted with customer managed keys
Storage
M
Storage account geo-replication is disabled
Storage
M
Storage Queue read logging is disabled
Storage
M
Virtual Machine unattached managed disks should be encrypted with Customer Managed Keys
Storage
M
Virtual Machines should use Managed Disks
Storage
