Scan your App Service for vulnerabilities

A recent feature deployed for App Services (Web App, Mobile App, API App or Logic App) is a tool that can scan your App Service for vulnerabilities, announced here.

Once you have signed up, you will see a link to your management console similar to that shown in Figure 1.

image

Figure 1, check your App Service for vulnerabilities

It did take some minutes for the extension to be installed, be a little patient, but in the end it worked just fine and clicking on the link navigated me to the extension within my KUDU console, Figure 2. I discuss what KUDU is here.

image

Figure 2, scanning an App Service (Web App, Mobile App, API App and Logic App) for security

You can also see the installed extension in KUDU by clicking on the Site Extensions link, similar to that shown in Figure 3.

image

Figure 3, security App Service, secure cloud, secure Web App

Once complete you can view the results, Figure 4, and if there is anything found, you can take an action on them. I found none when I scanned my Web App.

image

Figure 4, scan results for security scan of an App Service (Web App, Mobile App, API App and Logic App)