Network misconfigurations

Azure API management service without virtual network

Platform(s)
Compliance Frameworks

Description

It was detected that {AzureApiManagement} is not using a virtual network. Azure API Management can be deployed inside an Azure virtual network (VNet) to access backend services within the network. With Azure virtual networks (VNets), you can place your API Management instance in a non-internet-routable network to which you control access. In a virtual network, your API Management instance can securely access other networked Azure resources and also connect to on-premises networks using various VPN technologies. For more information, see https://learn.microsoft.com/en-us/azure/api-management/virtual-network-concepts?tabs=stv2.

  • Recommended Mitigation

    It's recommended to set up VNet connectivity for your API Management instance in order to enable advanced API Management networking and security features.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.