CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard

Keyvault

keyvault-content-type-for-secret

Key vault Secret should have a content type set

keyvault-ensure-secret-expires

Ensure that the expiration date is set on all secrets
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-262: Not Using Password Aging

keyvault-purge-enabled

Key vault should have purge protection enabled
Likelihood: MEDIUM
Confidence: MEDIUM
CWE:
- CWE-693: Protection Mechanism Failure

keyvault-specify-network-acl

Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-284: Improper Access Control
OWASP:
- A05:2017 - Broken Access Control
- A01:2021 - Broken Access Control

keyvault-ensure-key-expires

Ensure that the expiration date is set on all keys
Likelihood: LOW
Confidence: MEDIUM
CWE:
- CWE-262: Not Using Password Aging

Assistant
Responses are generated using AI and may contain mistakes.
twitterlinkedin
Powered by Mintlify
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database

    Keyvault

    keyvault-content-type-for-secret

    Key vault Secret should have a content type set

    keyvault-ensure-secret-expires

    Ensure that the expiration date is set on all secrets
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-262: Not Using Password Aging

    keyvault-purge-enabled

    Key vault should have purge protection enabled
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-693: Protection Mechanism Failure

    keyvault-specify-network-acl

    Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-284: Improper Access Control
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    keyvault-ensure-key-expires

    Ensure that the expiration date is set on all keys
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-262: Not Using Password Aging

    Assistant
    Responses are generated using AI and may contain mistakes.
    twitterlinkedin
    Powered by Mintlify