profile-svc-iam-role-35

iam-role · AWS · eu-central-1 · staging

Posture

critical: 0
high: 7
medium: 10
low: 12

Ownership

Application: profile-svc
Team: Growth
Owner: Robert King
Language: C#
Criticality: tier-1

Findings (31)

Severity   Finding                                              Tool (category)             Status          Score
low        IAM role with wildcard permissions                   SonarQube (SAST)            accepted        9.4
high       IAM role with wildcard permissions                   Contrast RASP (RASP)        triaged         7.2
low        JWT signed with weak HS256 secret                    Scout Suite (CSPM)          accepted        7.6
medium     Outdated lodash with prototype pollution             Semgrep (SAST)              triaged         9.8
high       Cross-site Scripting in profile renderer             Cloudflare WAF (WAF)        triaged         6.2
low        S3 bucket publicly readable                          Trivy (Container)           triaged         9.1
medium     Open Redis without auth                              Grype (Container)           open            6.6
high       Hardcoded AWS access key in source                   Burp Pro PenTest (PenTest)  false positive  9.7
low        JWT signed with weak HS256 secret                    Snyk (SCA)                  open            9.5
low        Dependency confusion risk on internal package        Burp Pro PenTest (PenTest)  triaged         8.1
medium     SQL Injection in user-input handler                  CodeQL (SAST)               open            6.8
low        Open Redis without auth                              OWASP ZAP (DAST)            triaged         6.9
medium     Log4Shell vulnerable dependency                      Grype (Container)           false positive  5.6
high       S3 bucket publicly readable                          Prowler (CSPM)              open            8.9
medium     Insecure deserialization in message queue consumer   Contrast RASP (RASP)        open            5.4
low        Open Redis without auth                              Snyk (SCA)                  triaged         6.1
info       JWT signed with weak HS256 secret                    Semgrep (SAST)              triaged         6.5
low        Excessive Kubernetes RBAC privileges                 Gitleaks (Secrets)          open            5
medium     Unencrypted RDS snapshot                             Contrast RASP (RASP)        triaged         4.2
medium     S3 bucket publicly readable                          tfsec (IaC)                 accepted        5.9
high       Container running as root                            CodeQL (SAST)               triaged         4.6
low        Hardcoded AWS access key in source                   Checkmarx (SAST)            triaged         4.4
low        Insecure deserialization in message queue consumer   Semgrep (SAST)              triaged         9.2
medium     IAM role with wildcard permissions                   Snyk (SCA)                  false positive  7.1
high       Path traversal in file download endpoint             Checkmarx (SAST)            open            4.6
low        S3 bucket publicly readable                          TruffleHog (Secrets)        accepted        5.3
info       Cross-site Scripting in profile renderer             Grype (Container)           accepted        8.2
low        Open Redis without auth                              Grype (Container)           open            7.2