Azure Authentication Disabled
Description
Detects Azure App Services that have platform-level authentication disabled. When authentication is not enabled, the application may be accessible without proper user authentication, potentially exposing sensitive functionality or data to unauthorized users.
Detection Strategy
• Examines the authentication configuration for each Azure App Service instance
• Checks if the platform authentication setting 'enabled' flag is set to false or missing
• Reports a vulnerability when an App Service is found with authentication disabled
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.