Internet-exposed
Posture
critical: 1
high: 1
medium: 6
low: 3
Ownership
Findings (14)
info | Insecure deserialization in message queue consumer | CodeQL | SAST | triaged | 4.5
medium | Unencrypted RDS snapshot | OWASP ZAP | DAST | accepted | 8.9
info | S3 bucket publicly readable | Cloudflare WAF | WAF | open | 7.6
low | Missing rate limiting on /login | Gitleaks | Secrets | false positive | 7.9
low | Path traversal in file download endpoint | Scout Suite | CSPM | accepted | 4.5
medium | Unencrypted RDS snapshot | Grype | Container | open | 4.8
info | Hardcoded AWS access key in source | Scout Suite | CSPM | triaged | 8.3
medium | Open Redis without auth | Trivy | Container | triaged | 9.1
medium | Unencrypted RDS snapshot | Dependabot | SCA | open | 8
medium | Hardcoded AWS access key in source | Burp Pro PenTest | PenTest | open | 5.3
critical | IAM role with wildcard permissions | Prowler | CSPM | accepted | 8.5
low | Insecure deserialization in message queue consumer | Checkov | IaC | triaged | 8.2
high | JWT signed with weak HS256 secret | tfsec | IaC | false positive | 6.2