Best practice
azure-appgateway-enables-waf
azure-appgateway-enables-waf
azure-appservice-https-20-enabled
azure-appservice-https-20-enabled
azure-postgresql-geo-backup-enabled
azure-postgresql-geo-backup-enabled
azure-sqlserver-email-alerts-enabled
azure-sqlserver-email-alerts-enabled
azure-appservice-used-azure-files
azure-appservice-used-azure-files
azure-ad-used-auth-service-fabric
azure-ad-used-auth-service-fabric
azure-defenderon-sqlservers-vms
azure-defenderon-sqlservers-vms
azure-securitycenter-standard-pricing
azure-securitycenter-standard-pricing
azure-vmscale-sets-auto-os-image-patching-enabled
azure-vmscale-sets-auto-os-image-patching-enabled
azure-networkinterface-enable-ip-forwarding
azure-networkinterface-enable-ip-forwarding
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-284: Improper Access Control
OWASP:
- A05:2017 - Broken Access Control
- A01:2021 - Broken Access Control
azure-postgresql-server-connection-throttling-enabled
azure-postgresql-server-connection-throttling-enabled
azure-securitycenter-contact-phone
azure-securitycenter-contact-phone
azure-defenderon-servers
azure-defenderon-servers
azure-appservice-dotnet-framework-version
azure-appservice-dotnet-framework-version
azure-postgresql-server-log-connections-enabled
azure-postgresql-server-log-connections-enabled
azure-appservice-python-version
azure-appservice-python-version
azure-functionapps-accessible-over-https
azure-functionapps-accessible-over-https
azure-sqlserver-threat-detection-types
azure-sqlserver-threat-detection-types
azure-aks-uses-azure-policies-addon
azure-aks-uses-azure-policies-addon
azure-defenderon-appservices
azure-defenderon-appservices
azure-securitycenter-email-alert-admins
azure-securitycenter-email-alert-admins
azure-securitcenter-email-alert
azure-securitcenter-email-alert
azure-mariadb-geo-backup-enabled
azure-mariadb-geo-backup-enabled
azure-secret-content-type
azure-secret-content-type
azure-keyvault-enables-firewall-rules-settings
azure-keyvault-enables-firewall-rules-settings
azure-mysql-threat-detection-enabled
azure-mysql-threat-detection-enabled
azure-securitycenter-contact-emails
azure-securitycenter-contact-emails
azure-keyvault-recovery-enabled
azure-keyvault-recovery-enabled
azure-postgresql-server-log-checkpoint-enabled
azure-postgresql-server-log-checkpoint-enabled
azure-appservice-php-version
azure-appservice-php-version
azure-mariadb-sslenforcement-enabled
azure-mariadb-sslenforcement-enabled
azure-frontdoor-enables-waf
azure-frontdoor-enables-waf
azure-secret-expiration-date
azure-secret-expiration-date
azure-monitor-log-profile-categories
azure-monitor-log-profile-categories
azure-monitor-log-profile-retention-days
azure-monitor-log-profile-retention-days
azure-sqlserver-email-alerts-toadmins-enabled
azure-sqlserver-email-alerts-toadmins-enabled
azure-defenderon-keyvaults
azure-defenderon-keyvaults
azure-postgresql-flexi-server-geo-backup-enabled
azure-postgresql-flexi-server-geo-backup-enabled
azure-postgresql-threat-detection-enabled
azure-postgresql-threat-detection-enabled
azure-appservice-java-version
azure-appservice-java-version
azure-keyvault-enables-purge-protection
azure-keyvault-enables-purge-protection
azure-functionapp-http-version-latest
azure-functionapp-http-version-latest
azure-storage-account-enables-secure-transfer
azure-storage-account-enables-secure-transfer
azure-mysql-server-tlsenforcement-enabled
azure-mysql-server-tlsenforcement-enabled
azure-appservice-ftps-state
azure-appservice-ftps-state
azure-defenderon-storage
azure-defenderon-storage
azure-mysql-geo-backup-enabled
azure-mysql-geo-backup-enabled
azure-synapse-workscape-enables-managed-virtual-network
azure-synapse-workscape-enables-managed-virtual-network
azure-defenderon-sqlservers
azure-defenderon-sqlservers
azure-defenderon-container-registry
azure-defenderon-container-registry
azure-defenderon-kubernetes
azure-defenderon-kubernetes
azure-frontdoor-use-wafmode
azure-frontdoor-use-wafmode
azure-postgresql-ssl-enforcement-enabled
azure-postgresql-ssl-enforcement-enabled
azure-keyvault-enables-soft-delete
azure-keyvault-enables-soft-delete
azure-waf-specificed-mode-app-gw
azure-waf-specificed-mode-app-gw