Tags: Internet-exposed, Handles PII

Posture
  critical  1
  high      3
  medium    7
  low       8

Ownership

Findings (22)

Severity  Title                                          Tool           Type       Status          Score
low       Path traversal in file download endpoint       SonarQube      SAST       accepted        6.6
critical  S3 bucket publicly readable                    TruffleHog     Secrets    open            8.7
high      Terraform module pins old AMI with CVEs        Snyk           SCA        open            4.1
medium    Container running as root                      CodeQL         SAST       open            7.1
low       Unencrypted RDS snapshot                       Checkmarx      SAST       open            4.9
low       Outdated lodash with prototype pollution       Burp Suite     DAST       false positive  4.8
medium    Missing CSP header on auth pages               Dependabot     SCA        open            6.6
info      Terraform module pins old AMI with CVEs        Checkmarx      SAST       accepted        9
medium    Open Redis without auth                        Gitleaks       Secrets    accepted        5.4
medium    Open Redis without auth                        Dependabot     SCA        open            7.1
low       Missing CSP header on auth pages               Burp Suite     DAST       triaged         5.7
low       Missing rate limiting on /login                Checkov        IaC        open            5.6
low       Missing rate limiting on /login                OWASP ZAP      DAST       accepted        9.1
info      Outdated lodash with prototype pollution       Contrast RASP  RASP       accepted        6.1
low       SSRF in webhook fetcher                        CodeQL         SAST       triaged         4.5
medium    Dependency confusion risk on internal package  TruffleHog     Secrets    open            8.1
medium    Race condition in payment idempotency          Wiz            CSPM       false positive  7.8
high      Race condition in payment idempotency          Trivy          Container  triaged         7