Skip to content

cis_9_11 — App Service uses latest TLS version

Summary

Severity: High · Pillar: Network · Chain role: ENABLER

Description

App Services using TLS versions older than 1.2 are vulnerable to protocol downgrade attacks and known cryptographic weaknesses that enable traffic interception.

Mapping

Framework Control / Reference
NIST 800-53 SC-8
NIST 800-207
CIS Azure 9.11
MITRE ATT&CK Technique T1557
MITRE ATT&CK Tactic Credential Access
Zero-Trust Tenet
Framework tags cis-azure-2.0, nist-800-53

Source

Rule defined at policies/azure/cis/appservice/cis_9_11.rego.

View on GitHub