Scan your App Service for vulnerabilities

This article has been moved to its new home here: https://benperk.github.io/msdn/2016/2016-04-scan-your-app-service-for-vulnerabilities.html

A recent feature deployed for App Services (Web App, Mobile App, API App or Logic App) is a tool that can scan your App Service for vulnerabilities, announced here.

Once you have signed up, you will see a link to your management console similar to that shown in Figure 1.

_{Figure 1, check your App Service for vulnerabilities}

It did take some minutes for the extension to be installed, be a little patient, but in the end it worked just fine and clicking on the link navigated me to the extension within my KUDU console, Figure 2. I discuss what KUDU is here.

_{Figure 2, scanning an App Service (Web App, Mobile App, API App and Logic App) for security}

You can also see the installed extension in KUDU by clicking on the Site Extensions link, similar to that shown in Figure 3.

_{Figure 3, security App Service, secure cloud, secure Web App}

Once complete you can view the results, Figure 4, and if there is anything found, you can take an action on them. I found none when I scanned my Web App.

_{Figure 4, scan results for security scan of an App Service (Web App, Mobile App, API App and Logic App)}