At work we were asked how do we scan a website we have deployed to Azure for vulnerabilities and I wanted to share how we go about it by using Tinfoil https://www.tinfoilsecurity.com/azure
Within Azure if you have an App Service plan you can click on that from App Services within the Azure Portal and then look for the following:-

After you click on that then look for Premium Tools like so: -


As you can see this is a paid service which will scan your website for security vulnerabilities.

You can read more on this here: - https://azure.microsoft.com/en-gb/blog/web-vulnerability-scanning-for-azure-app-service-powered-by-tinfoil-security/


