Control: Azure > CIS v3.0 > 09 - Application Services > 09.06 - Ensure that 'Basic Authentication' is 'Disabled'
Configures auditing against a CIS Benchmark item.
Level: 1
Basic Authentication provides the ability to create identities and authentication for an App Service without a centralized Identity Provider. For a more effective, capable, and secure solution for Identity, Authentication, Authorization, and Accountability, a centralized Identity Provider such as Entra ID is strongly advised.
Basic Authentication introduces an identity silo which can produce privileged access to a resource. This can be exploited in numerous ways and represents a significant vulnerability and attack vector.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v3.0 > Maximum Attestation Duration
- Azure > CIS v3.0 > 09 - Application Services > 09.06 - Ensure that 'Basic Authentication' is 'Disabled' > Attestation
- Azure > CIS v3.0
- Azure > CIS v3.0 > 09 - Application Services > 09.06 - Ensure that 'Basic Authentication' is 'Disabled'
- Azure > CIS v3.0 > 09 - Application Services
- Azure > CIS v3.0 > 09 - Application Services > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv3-0#/control/types/r0906
- tmod:@turbot/cis#/control/categories/v071602
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv3-0#/control/types/r0906"
Get Controls
Control Type URI
Category URI
GraphQL
CLI