Azure Publicly Exposed
Description
Detects Azure Function Apps that are configured to allow unrestricted public access without IP address filtering rules. This configuration could allow unauthorized access from any IP address to your Function App endpoints, potentially exposing sensitive functions to security risks.
Detection Strategy
• Checks if the Function App has public network access enabled
• Verifies whether any IP security restriction with a 'Deny' action is configured
• Reports a vulnerability when public access is enabled AND no deny IP restrictions exist
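The three checks above can be run over exported Function App configuration as in the following added example, which is not Fluid Attacks' implementation. It assumes ARM-style resource JSON with the fields `kind`, `properties.publicNetworkAccess` and `properties.siteConfig.ipSecurityRestrictions[].action`; the function names and sample resources are constructed for illustration.

```python
# Constructed sample resources, shaped like ARM "Microsoft.Web/sites" JSON
# (assumed input format; names and values are invented for the example).
SAMPLE_SITES = [
    {"name": "fn-open", "kind": "functionapp",
     "properties": {"publicNetworkAccess": "Enabled", "siteConfig": {
         "ipSecurityRestrictions": [{"ipAddress": "Any", "action": "Allow"}]}}},
    {"name": "fn-filtered", "kind": "functionapp,linux",
     "properties": {"publicNetworkAccess": "Enabled", "siteConfig": {
         "ipSecurityRestrictions": [
             {"ipAddress": "203.0.113.0/24", "action": "Allow"},
             {"ipAddress": "Any", "action": "Deny"}]}}},
    {"name": "fn-private", "kind": "functionapp",
     "properties": {"publicNetworkAccess": "Disabled", "siteConfig": {
         "ipSecurityRestrictions": []}}},
    {"name": "fn-default", "kind": "functionapp",
     "properties": {"siteConfig": None}},
    {"name": "web-open", "kind": "app",
     "properties": {"publicNetworkAccess": "Enabled", "siteConfig": None}},
]


def is_function_app(site):
    # "kind" is a comma-separated string such as "functionapp,linux".
    return "functionapp" in str(site.get("kind", "")).lower().split(",")


def public_access_enabled(site):
    # Assumption: a missing value is treated as enabled, so the check
    # reports rather than silently passing an unknown state.
    value = (site.get("properties") or {}).get("publicNetworkAccess")
    return value is None or str(value).lower() == "enabled"


def has_deny_rule(site):
    # siteConfig and the rule list may both be null in exported JSON.
    config = (site.get("properties") or {}).get("siteConfig") or {}
    rules = config.get("ipSecurityRestrictions") or []
    return any(str(r.get("action", "")).lower() == "deny" for r in rules)


def exposed_function_apps(sites):
    # Report when public access is enabled AND no Deny restriction exists.
    return [s["name"] for s in sites
            if is_function_app(s) and public_access_enabled(s)
            and not has_deny_rule(s)]


if __name__ == "__main__":
    print(exposed_function_apps(SAMPLE_SITES))
```

Any single 'Deny' rule satisfies the check as described, whatever its scope, so a passing result does not by itself show that access is limited to known sources.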