Control: Azure > CIS v3.0 > 09 - Application Services > 09.06 - Ensure that 'Basic Authentication' is 'Disabled'

Configures auditing against a CIS Benchmark item.

Level: 1

Basic Authentication provides the ability to create identities and authentication for an App Service without a centralized Identity Provider. For a more effective, capable, and secure solution for Identity, Authentication, Authorization, and Accountability, a centralized Identity Provider such as Entra ID is strongly advised.

Basic Authentication introduces an identity silo which can produce privileged access to a resource. This can be exploited in numerous ways and represents a significant vulnerability and attack vector.

Resource Types

This control targets the following resource types:

Azure > App Service > Web App

In Your Workspace

Developers

Control Type URI

tmod:@turbot/azure-cisv3-0#/control/types/r0906

Category URI

tmod:@turbot/cis#/control/categories/v071602

GraphQL

query controlType(id: "tmod:@turbot/azure-cisv3-0#/control/types/r0906") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/azure-cisv3-0#/control/types/r0906'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv3-0#/control/types/r0906"