Find out if you have vulnerabilities that put you at risk
Test your applications
Toggle filtering controls
All service groups
AWS
Azure
Google
Kubernetes
All Kubernetes service groups
Container
Deployment
Network Policy
Network
Pod Security Policy
Role
RoleBinding
Service
Report a new vulnerability
RULE
SERVICE GROUP
M
Sagemaker notebook is not encrypted with customer managed key
Sagemaker
M
SAS token has long expiry time
Storage
M
Secret is not encrypted with customer managed key
Secrets Manager
M
Secrets Manager is not encrypted with customer managed key
Secrets Manager
M
Secrets Manager secrets must have automatic rotation enabled
Secrets Manager
M
Security Center contact email is not set
Security Center
M
Security Center default policy setting 'Monitor Disk Encryption' is not enabled
Security Center
M
Security Center default policy setting 'Monitor Endpoint Protection' is not enabled
Security Center
M
Security Center default policy setting 'Monitor Network Security Groups' is not enabled
Security Center
M
Security Center default policy setting 'Monitor OS Vulnerabilities' is not enabled
Security Center
M
Security Center default policy setting 'Monitor SQL Auditing' is not enabled
Security Center
M
Security Center default policy setting 'Monitor System Updates' is not enabled
Security Center
M
Security Center default policy setting 'Monitor Vulnerability Assessment' is not enabled
Security Center
M
Security Center default policy setting 'Monitor Web Application Firewall' should be enabled
Security Center
M
Security Center default policy setting "Monitor Adaptive Application Whitelisting" is not enabled
Security Center
M
Security Center default policy setting "Monitor JIT Network Access" is not enabled
Security Center
M
Security Center default policy setting "Monitor SQL Encryption" is not enabled
Security Center
M
Security Center default policy setting "Monitor Storage Blob Encryption" should be enabled
Security Center
M
Security Center does not have contact phone number set
Security Center
M
Security Center pricing tier is set to Free
Security Center
M
Security Center setting 'All users with the following roles' is not set to 'Owner'
Security Center
M
Security group description is missing
VPC
M
Security group rule allows open egress
VPC
M
Security policy allows all volume types
Pod Security Policy
M
Security policy allows privilege escalation
Pod Security Policy
M
Security policy allows sharing of host's IPC namespace
Pod Security Policy
M
Serial port is enabled
Compute Engine
M
Service account uses user-managed service account keys
Network
M
Service does not restrict ingress sources
Service
M
Service Fabric does not use active directory authentication
Service Fabric
Previous
Next
