Insecure Azure storage SAS token

Nudiya Anjum 20 Reputation points
2024-11-04T05:16:24.4233333+00:00

Hi,

I am getting the recommendation "Insecure Azure storage SAS token" in Defender for the cloud.

How to resolve it?

Azure Storage Accounts
Azure Storage Accounts
Globally unique resources that provide access to data management services and serve as the parent namespace for the services.
3,295 questions
Windows Server Storage
Windows Server Storage
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Storage: The hardware and software system used to retain data for subsequent retrieval.
664 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,449 questions
0 comments No comments
{count} votes

Accepted answer
  1. Silvia Wibowo 4,261 Reputation points Microsoft Employee
    2024-11-04T07:10:07.53+00:00

    Hi @Nudiya Anjum , I understand that you get recommendation about Azure storage SAS token from Defender.

    Our recommendation: Limit shared access signature (SAS) tokens to HTTPS connections only, which means requiring HTTPS when a client uses a SAS token to access blob data. It helps to minimize the risk of eavesdropping. For more information, see Grant limited access to Azure Storage resources using shared access signatures (SAS).

    0 comments No comments

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.