Azure Container Soft Delete Disabled
Description
Detects Azure Storage Accounts where blob container soft delete protection is either disabled or configured with an insufficient retention period. Soft delete helps prevent accidental or malicious deletion of data by keeping deleted objects recoverable for a specified time period.
Detection Strategy
• Checks if container_delete_retention_policy is completely missing from the blob service properties
• Checks if container_delete_retention_policy is disabled (enabled = false)
• Checks if retention period is less than the minimum required days (currently 7 days)
• Reports a vulnerability for any storage account that fails one or more of these checks
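The checks listed above, written out as an added example (not Fluid Attacks' own detection code). It assumes the blob service properties were already fetched into plain dictionaries using the field names from the list; the account names and values are constructed samples, and `check_container_soft_delete` and `scan` are hypothetical helper names.

```python
MIN_RETENTION_DAYS = 7  # minimum stated in the detection strategy


def check_container_soft_delete(blob_props, min_days=MIN_RETENTION_DAYS):
    """Return the findings for one account's blob service properties.

    blob_props is assumed to be a dict shaped like
    {"container_delete_retention_policy": {"enabled": bool, "days": int}}.
    """
    policy = (blob_props or {}).get("container_delete_retention_policy")
    if policy is None:
        # Check 1: the policy block is absent altogether.
        return ["container_delete_retention_policy is missing"]
    if not policy.get("enabled", False):
        # Check 2: the policy exists but is switched off.
        return ["container soft delete is disabled (enabled = false)"]
    days = policy.get("days")
    if not isinstance(days, int) or days < min_days:
        # Check 3: enabled, but the retention window is unset or too short.
        return [f"retention period {days!r} is below the {min_days}-day minimum"]
    return []


def scan(accounts, min_days=MIN_RETENTION_DAYS):
    """Map each failing account name to its findings; compliant ones are omitted."""
    report = {}
    for name, blob_props in accounts.items():
        findings = check_container_soft_delete(blob_props, min_days)
        if findings:
            report[name] = findings
    return report


# Constructed sample input: one account per case in the list above.
SAMPLE_ACCOUNTS = {
    "stmissing": {},
    "stdisabled": {"container_delete_retention_policy": {"enabled": False, "days": None}},
    "stshort": {"container_delete_retention_policy": {"enabled": True, "days": 3}},
    "stboundary": {"container_delete_retention_policy": {"enabled": True, "days": 7}},
    "stlong": {"container_delete_retention_policy": {"enabled": True, "days": 30}},
}

if __name__ == "__main__":
    for account, findings in scan(SAMPLE_ACCOUNTS).items():
        print(f"{account}: {'; '.join(findings)}")
```

An account with exactly 7 days passes, because the check only flags periods shorter than the minimum.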