At work we were asked how do we scan a website we have deployed to Azure for vulnerabilities and I wanted to share how we go about it by using Tinfoil https://www.tinfoilsecurity.com/azure
Within Azure if you have an App Service plan you can click on that from App Services within the Azure Portal and then look for the following:-
After you click on that then look for Premium Tools like so: –
Once you click on Security Scanning you can the add a service called Tinfoil Security
As you can see this is a paid service which will scan your website for security vulnerabilities.
You can read more on this here: – https://azure.microsoft.com/en-gb/blog/web-vulnerability-scanning-for-azure-app-service-powered-by-tinfoil-security/