Posture
critical: 3
high: 5
medium: 2
low: 5
Ownership
Findings (17)
| Severity | Finding | Tool | Category | Status | Score |
| --- | --- | --- | --- | --- | --- |
| medium | Hardcoded AWS access key in source | Scout Suite | CSPM | triaged | 8.6 |
| high | S3 bucket publicly readable | TruffleHog | Secrets | false positive | 7.7 |
| high | SQL Injection in user-input handler | Semgrep | SAST | open | 8.5 |
| info | Excessive Kubernetes RBAC privileges | OWASP ZAP | DAST | false positive | 7.2 |
| low | Path traversal in file download endpoint | Gitleaks | Secrets | accepted | 7.5 |
| info | Missing rate limiting on /login | Cloudflare WAF | WAF | false positive | 9.2 |
| critical | Outdated lodash with prototype pollution | Semgrep | SAST | open | 7.5 |
| high | SQL Injection in user-input handler | Dependabot | SCA | triaged | 7.5 |
| medium | Path traversal in file download endpoint | Grype | Container | false positive | 6 |
| low | Container running as root | OWASP ZAP | DAST | open | 7.3 |
| high | JWT signed with weak HS256 secret | tfsec | IaC | accepted | 5.2 |
| low | IAM role with wildcard permissions | SonarQube | SAST | open | 9.7 |
| high | Dependency confusion risk on internal package | Semgrep | SAST | triaged | 6.1 |
| low | Log4Shell vulnerable dependency | SonarQube | SAST | accepted | 5.1 |
| low | Outdated lodash with prototype pollution | Checkov | IaC | triaged | 4.3 |
| critical | Dependency confusion risk on internal package | Checkmarx | SAST | false positive | 4.3 |