Handles PII
Posture
critical: 2
high: 10
medium: 9
low: 4
Ownership
Findings (26)
| Severity | Finding | Tool | Category | Status | Score |
|---|---|---|---|---|---|
| medium | JWT signed with weak HS256 secret | Snyk | SCA | open | 5.9 |
| medium | Unencrypted RDS snapshot | tfsec | IaC | open | 7.8 |
| high | Terraform module pins old AMI with CVEs | Cloudflare WAF | WAF | triaged | 7.2 |
| high | Path traversal in file download endpoint | Burp Pro PenTest | PenTest | open | 9.7 |
| high | Missing rate limiting on /login | CodeQL | SAST | triaged | 4.4 |
| medium | Hardcoded AWS access key in source | OWASP ZAP | DAST | triaged | 4.1 |
| medium | S3 bucket publicly readable | OWASP ZAP | DAST | open | 6.9 |
| medium | Terraform module pins old AMI with CVEs | Gitleaks | Secrets | triaged | 8.4 |
| medium | Dependency confusion risk on internal package | OWASP ZAP | DAST | false positive | 7.4 |
| high | Unencrypted RDS snapshot | Checkov | IaC | triaged | 5.3 |
| high | S3 bucket publicly readable | Grype | Container | accepted | 6.5 |
| low | IAM role with wildcard permissions | CodeQL | SAST | false positive | 7.9 |
| high | Dependency confusion risk on internal package | Contrast RASP | RASP | false positive | 6.2 |
| high | Insecure deserialization in message queue consumer | Trivy | Container | open | 5.9 |
| high | IAM role with wildcard permissions | tfsec | IaC | open | 8.8 |
| high | Terraform module pins old AMI with CVEs | Cloudflare WAF | WAF | accepted | 5 |
| info | Path traversal in file download endpoint | Gitleaks | Secrets | open | 8.1 |
| critical | Insecure deserialization in message queue consumer | SonarQube | SAST | triaged | 9.6 |
| medium | Log4Shell vulnerable dependency | Checkmarx | SAST | open | 8.7 |
| low | Unencrypted RDS snapshot | TruffleHog | Secrets | open | 7.2 |
| critical | Terraform module pins old AMI with CVEs | SonarQube | SAST | false positive | 7.5 |
| medium | Missing CSP header on auth pages | OWASP ZAP | DAST | open | 7.9 |