Azure Geo Replication Disabled
Description
Detects Azure Storage Accounts that are not configured with geo-replication capabilities. Without geo-replication enabled, storage accounts are vulnerable to regional outages and disasters, potentially leading to data unavailability or loss.
Detection Strategy
• Reports a vulnerability when a Storage Account's SKU is not set to any of the geo-redundant options (Standard_GRS, Standard_GZRS, Standard_RAGRS, or Standard_RAGZRS)
• Checks the storage account's SKU name property to verify if geo-replication is enabled
• Evaluates each storage account in the subscription to ensure proper disaster recovery configurations are in place
Severity v4.0
1.8
Low
Method ID
CSPM-EEET1
Technique
CSPM
Target
AZURE
Technology
STORAGE_ACCOUNT
CWE ID(s)
CWE-732Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan.If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.