Azure Soft Delete Retention
Description
Detects Azure Key Vaults with insufficient soft delete retention periods. When soft delete is enabled but configured with a retention period of less than 90 days, deleted keys, secrets, and certificates may not be recoverable for an adequate duration to meet security and compliance requirements.
Detection Strategy
• Checks if soft delete is enabled for the Azure Key Vault
• Verifies if the soft delete retention period is set to less than 90 days
• Reports a vulnerability when a Key Vault has soft delete enabled but its retention period is insufficient
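The check described above, sketched as an added example (not Fluid Attacks' own code). It assumes the input is an ARM template with Key Vault resources under a top-level "resources" list; the function name and the sample vaults are constructed for illustration.

```python
import json

MIN_RETENTION_DAYS = 90  # threshold stated on this page
VAULT_TYPE = "Microsoft.KeyVault/vaults"

# Constructed sample ARM template (not from the original page).
SAMPLE_TEMPLATE = json.loads("""
{
  "resources": [
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-short",
     "properties": {"enableSoftDelete": true, "softDeleteRetentionInDays": 7}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-full",
     "properties": {"enableSoftDelete": true, "softDeleteRetentionInDays": 90}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-defaults",
     "properties": {}},
    {"type": "Microsoft.KeyVault/vaults", "name": "kv-disabled",
     "properties": {"enableSoftDelete": false, "softDeleteRetentionInDays": 30}},
    {"type": "Microsoft.Storage/storageAccounts", "name": "st1",
     "properties": {}}
  ]
}
""")


def find_short_retention(template):
    """Return (vault name, retention days) for vaults that have soft delete
    enabled with a retention period below MIN_RETENTION_DAYS."""
    findings = []
    for res in template.get("resources", []):
        if res.get("type", "").lower() != VAULT_TYPE.lower():
            continue
        props = res.get("properties") or {}
        # Step 1: soft delete must be enabled (Azure treats an omitted
        # enableSoftDelete as true).
        if props.get("enableSoftDelete", True) is not True:
            continue
        # Step 2: compare the retention period; an omitted value defaults to 90.
        days = props.get("softDeleteRetentionInDays", 90)
        if isinstance(days, bool) or not isinstance(days, int):
            continue  # template expression such as "[parameters(...)]": not resolvable here
        if days < MIN_RETENTION_DAYS:
            findings.append((res.get("name"), days))
    return findings


if __name__ == "__main__":
    for name, days in find_short_retention(SAMPLE_TEMPLATE):
        print(f"{name}: soft delete retention is {days} days (< {MIN_RETENTION_DAYS})")
```

Vaults with soft delete disabled are skipped here because the page scopes this check to vaults that have it enabled.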