Network misconfigurations

Azure Premium Service Bus is public

Platform(s)
Compliance Frameworks

Description

By default, Service Bus namespaces are accessible from internet as long as the request comes with valid authentication and authorization. If public access is required, you still can restrict access to Service Bus using Firewall/Virtual networks rules. Specify at least one IP firewall rule or virtual network rule for the namespace to allow traffic only from the specified IP addresses or subnet of a virtual network. If there are no IP and virtual network rules, the namespace can be accessed over the public internet (using the access key).

  • Recommended Mitigation

    It is recommended to add at least one Firewall/Virtual network rule to your {AzureServiceBus} Service Bus.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.