CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
  • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
      • Terraform
        • Aws
        • Azure
          • Best practice
          • Security
          • Security
            • Aks
            • Apiservice
            • Appservice
            • Functionapp
            • Keyvault
            • Storage
        • Gcp
        • Lang
      • Typescript
      • Yaml
    Security

    Keyvault

    Key vault Secret should have a content type set

    Ensure that the expiration date is set on all secrets
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-262: Not Using Password Aging

    Key vault should have purge protection enabled
    Likelihood: MEDIUM
    Confidence: MEDIUM
    CWE:
    - CWE-693: Protection Mechanism Failure

    Network ACLs allow you to reduce your exposure to risk by limiting what can access your key vault. The default action of the Network ACL should be set to deny for when IPs are not matched. Azure services can be allowed to bypass.
    Likelihood: LOW
    Confidence: LOW
    CWE:
    - CWE-284: Improper Access Control
    OWASP:
    - A05:2017 - Broken Access Control
    - A01:2021 - Broken Access Control

    Ensure that the expiration date is set on all keys
    Likelihood: LOW
    Confidence: MEDIUM
    CWE:
    - CWE-262: Not Using Password Aging

    FunctionappStorage
    twitterlinkedin
    Powered by Mintlify