Feature/devsecops demo 03 by CalinL · Pull Request #65 · githubabcs-devops/gh-advsec-devsecops

Check failure on line 29 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

API app should only be accessible over HTTPS. Error

API apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 44 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

API app should only be accessible over HTTPS. Error

API apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 70 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Function app should only be accessible over HTTPS. Error

Function apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 85 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Function app should only be accessible over HTTPS. Error

Function apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 111 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Web apps should only be accessible over HTTPS. Error

Web apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 125 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Web apps should only be accessible over HTTPS. Error

Web apps should require HTTPS to ensure connections are made to the expected server and data in transit is protected from network layer eavesdropping attacks.

Check failure on line 165 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

FTPS only should be required in your API app. Error

Enable FTPS enforcement for enhanced security.

Check failure on line 165 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Latest TLS version should be used in your API app. Error

API apps should require the latest TLS version.

Check failure on line 179 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Diagnostic logs in App Service should be enabled. Error

Enable auditing of diagnostic logs on the app. This enables you to recreate activity trails for investigation purposes if a security incident occurs or your network is compromised.

Check failure on line 179 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

FTPS only should be required in your function app. Error

Enable FTPS enforcement for enhanced security.

Check failure on line 179 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Latest TLS version should be used in your function app. Error

Function apps should require the latest TLS version.

Check failure on line 179 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

FTPS only should be required in your web app. Error

Enable FTPS enforcement for enhanced security.

Check failure on line 179 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Latest TLS version should be used in your web app. Error

Web apps should require the latest TLS version.

Check failure on line 187 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Managed identity should be used in your API app. Error

For enhanced authentication security, use a managed identity. On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.

Check failure on line 195 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

FTPS only should be required in your API app. Error

Enable FTPS enforcement for enhanced security.

Check failure on line 195 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Latest TLS version should be used in your API app. Error

API apps should require the latest TLS version.

Check failure on line 199 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

CORS should not allow every resource to access your API app. Error

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your API app. Allow only required domains to interact with your API app.

Check failure on line 218 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

CORS should not allow every resource to access your API app. Error

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your API app. Allow only required domains to interact with your API app.

Check failure on line 218 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

CORS should not allow every resource to access your function app. Error

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your function app. Allow only required domains to interact with your function app.

Check failure on line 218 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

CORS should not allow every resource to access your web apps. Error

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your web application. Allow only required domains to interact with your web app.

Check failure on line 264 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Diagnostic logs in App Service should be enabled. Error

Enable auditing of diagnostic logs on the app. This enables you to recreate activity trails for investigation purposes if a security incident occurs or your network is compromised.

Check failure on line 264 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

FTPS only should be required in your web app. Error

Enable FTPS enforcement for enhanced security.

Check failure on line 264 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Latest TLS version should be used in your web app. Error

Web apps should require the latest TLS version.

Check failure on line 268 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

CORS should not allow every resource to access your web apps. Error

Cross-Origin Resource Sharing (CORS) should not allow all domains to access your web application. Allow only required domains to interact with your web app.

Check failure on line 274 in samples/insecure_arm-01.json

Code scanning / templateanalyzer

Managed identity should be used in your web app. Error

For enhanced authentication security, use a managed identity. On Azure, managed identities eliminate the need for developers to have to manage credentials by providing an identity for the Azure resource in Azure AD and using it to obtain Azure Active Directory (Azure AD) tokens.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Feature/devsecops demo 03 #65

Uh oh!

Uh oh!

Feature/devsecops demo 03 #65

Uh oh!

29 new alerts including 29 errors

New alerts in code changed by this pull request

Annotations

Re-running checks...

Feature/devsecops demo 03 #65

Are you sure you want to change the base?

Uh oh!

Add files

Uh oh!

Feature/devsecops demo 03 #65

Uh oh!

29 new alerts including 29 errors

New alerts in code changed by this pull request

Annotations

Re-running checks...