Azure Geo Replication Disabled

Description

Detects Azure Storage Accounts that are not configured with geo-replication capabilities. Without geo-replication enabled, storage accounts are vulnerable to regional outages and disasters, potentially leading to data unavailability or loss.

Weakness:

101 - Lack of protection against deletion

Category: Functionality Abuse

Detection Strategy

• Reports a vulnerability when a Storage Account's SKU is not set to any of the geo-redundant options (Standard_GRS, Standard_GZRS, Standard_RAGRS, or Standard_RAGZRS)

• Checks the storage account's SKU name property to verify if geo-replication is enabled

• Evaluates each storage account in the subscription to ensure proper disaster recovery configurations are in place

Free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.