Posture
critical: 3
high: 3
medium: 2
low: 4
Findings (13)
high | Excessive Kubernetes RBAC privileges | Grype (Container) | open | 6
high | Missing CSP header on auth pages | SonarQube (SAST) | open | 5.3
critical | IAM role with wildcard permissions | TruffleHog (Secrets) | open | 9.1
critical | Insecure deserialization in message queue consumer | Prowler (CSPM) | open | 8.2
medium | Missing CSP header on auth pages | Burp Pro PenTest (PenTest) | open | 5.9
low | Dependency confusion risk on internal package | Cloudflare WAF (WAF) | open | 5.6
info | Terraform module pins old AMI with CVEs | CodeQL (SAST) | open | 6.4
critical | Hardcoded AWS access key in source | CodeQL (SAST) | open | 5.4
medium | SQL Injection in user-input handler | Snyk (SCA) | open | 6.6
low | Race condition in payment idempotency | TruffleHog (Secrets) | false positive | 4.7