Ensure that ARG_0 access from the Internet is evaluated and restricted
Why This Matters
Allowing unrestricted internet access to Azure resources exposes your environment to unauthorized scanning, exploitation, and data exfiltration attempts. Attackers routinely probe for misconfigured network security groups that permit inbound RDP, SSH, or other high-risk ports from any source. Without evaluating and restricting internet-facing rules, you increase the attack surface and risk of compromise significantly.
What Aether365 Checks
Aether365 evaluates each network security group (NSG) for rules that allow inbound traffic from the Internet (source Any or Internet) to any port or commonly exposed ports. This check appears in your Aether365 dashboard under azure-network-security-groups and flags non-compliant configurations for remediation.