Ensure that 'Allow Blob Anonymous Access' is set to 'Disabled'

Why This Matters

Allowing anonymous blob access on storage accounts creates a pathway for unauthorized users to read your data simply by guessing or enumerating blob URLs. An attacker can perform brute force attacks to discover and exfiltrate sensitive files, leading to data breaches and compliance violations. This setting should remain disabled unless a specific, well-documented business requirement exists for public access.

What Aether365 Checks

Aether365 verifies whether the Allow Blob Anonymous Access setting is configured to Disabled for each Azure Storage account. This check appears in your Aether365 dashboard under the azure-storage-accounts security category.
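The same pass/fail logic can be reproduced against your own inventory. The sketch below is an added example, not Aether365's code: it evaluates JSON in the shape returned by `az storage account list`, reading the `allowBlobPublicAccess` property that backs this setting. The account names are constructed, and treating an unset property as a failure is an assumption made here.

```python
import json

# Constructed sample in the shape of `az storage account list` output (trimmed).
SAMPLE_INVENTORY = json.dumps([
    {"name": "stlogsprod01", "resourceGroup": "rg-logs", "allowBlobPublicAccess": False},
    {"name": "stwebassets02", "resourceGroup": "rg-web", "allowBlobPublicAccess": True},
    {"name": "stlegacy03", "resourceGroup": "rg-legacy", "allowBlobPublicAccess": None},
    {"name": "stbackup04", "resourceGroup": "rg-backup"},  # property absent
])


def evaluate_account(account):
    """Return a finding for one storage account record."""
    value = account.get("allowBlobPublicAccess")
    if value is False:
        status, reason = "PASS", "anonymous blob access is disabled"
    elif value is True:
        status, reason = "FAIL", "anonymous blob access is allowed"
    else:
        # Assumption: an unset property is a failure, because Disabled is not confirmed.
        status, reason = "FAIL", "setting is not explicitly disabled"
    finding = {"account": account["name"], "status": status, "reason": reason}
    if status == "FAIL":
        finding["fix"] = (
            "az storage account update"
            f" --name {account['name']}"
            f" --resource-group {account['resourceGroup']}"
            " --allow-blob-public-access false"
        )
    return finding


def audit(inventory_json):
    """Evaluate every account in a JSON inventory string."""
    return [evaluate_account(a) for a in json.loads(inventory_json)]


def failing_accounts(findings):
    """Names of accounts that did not pass the check."""
    return [f["account"] for f in findings if f["status"] == "FAIL"]


if __name__ == "__main__":
    for f in audit(SAMPLE_INVENTORY):
        print(f"{f['status']:4} {f['account']:15} {f['reason']}")
        if "fix" in f:
            print(f"     remediation: {f['fix']}")
```

To run it against a real subscription, pass the output of `az storage account list -o json` to `audit()` in place of the sample.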

Microsoft references
