Handles PII
Posture
critical: 3
high: 5
medium: 7
low: 6
Ownership
Findings (22)
low | IAM role with wildcard permissions | Wiz | CSPM | open | 6
high | SSRF in webhook fetcher | CodeQL | SAST | accepted | 9.3
low | Missing CSP header on auth pages | OWASP ZAP | DAST | open | 7
low | Excessive Kubernetes RBAC privileges | Grype | Container | false positive | 4.9
high | Container running as root | SonarQube | SAST | open | 8.4
critical | IAM role with wildcard permissions | Checkmarx | SAST | false positive | 8.5
low | Outdated lodash with prototype pollution | Contrast RASP | RASP | triaged | 5.3
medium | Terraform module pins old AMI with CVEs | Burp Pro PenTest | PenTest | open | 9
medium | Outdated lodash with prototype pollution | Snyk | SCA | open | 6.4
medium | Missing CSP header on auth pages | SonarQube | SAST | open | 6.7
high | Path traversal in file download endpoint | Checkov | IaC | triaged | 4.4
high | Outdated lodash with prototype pollution | Grype | Container | open | 7.8
medium | Missing rate limiting on /login | Checkmarx | SAST | triaged | 7.6
medium | JWT signed with weak HS256 secret | Prowler | CSPM | open | 8.3
critical | Missing CSP header on auth pages | Dependabot | SCA | triaged | 4.9
low | Insecure deserialization in message queue consumer | Snyk | SCA | triaged | 5.2