What to build
For each of the 10 starter scan rules, write a 2-3 sentence
real-world breach scenario explaining exactly why this
misconfiguration is dangerous and what an attacker would do with it.
Why this matters
Security rules are only useful if people understand the risk.
A concrete scenario makes the rule meaningful to developers
who aren't security experts.
Example format
AZ-STOR-001: Public blob access enabled
In 2021, a misconfigured Azure storage blob exposed 38 million
records including COVID-19 vaccination data. An attacker needs
only the storage account URL — no credentials required — to
download everything in the container.
Rules that need scenarios
Where it goes
Add to docs/adding-a-rule.md under a new section:
## Real-world impact of each rule
Branch
docs/breach-scenarios
What to build
For each of the 10 starter scan rules, write a 2-3 sentence
real-world breach scenario explaining exactly why this
misconfiguration is dangerous and what an attacker would do with it.
Why this matters
Security rules are only useful if people understand the risk.
A concrete scenario makes the rule meaningful to developers
who aren't security experts.
Example format
AZ-STOR-001: Public blob access enabled
Rules that need scenarios
Where it goes
Add to
docs/adding-a-rule.mdunder a new section:## Real-world impact of each ruleBranch
docs/breach-scenarios