Internet-exposed
Posture
critical: 1, high: 3, medium: 9, low: 4
Ownership
Findings (18)
| Severity | Finding | Source | Category | Status | Score |
|---|---|---|---|---|---|
| medium | Unencrypted RDS snapshot | Prowler | CSPM | triaged | 8.4 |
| medium | IAM role with wildcard permissions | Cloudflare WAF | WAF | open | 8 |
| critical | Unencrypted RDS snapshot | Checkmarx | SAST | open | 8.4 |
| low | Container running as root | SonarQube | SAST | triaged | 5.5 |
| low | Hardcoded AWS access key in source | CodeQL | SAST | open | 4.3 |
| high | Insecure deserialization in message queue consumer | Burp Pro PenTest | PenTest | triaged | 4.1 |
| medium | IAM role with wildcard permissions | Snyk | SCA | accepted | 8.5 |
| medium | IAM role with wildcard permissions | Gitleaks | Secrets | false positive | 4.7 |
| medium | Log4Shell vulnerable dependency | Prowler | CSPM | open | 4.2 |
| medium | Race condition in payment idempotency | Trivy | Container | open | 5.7 |
| high | Log4Shell vulnerable dependency | Burp Suite | DAST | open | 6 |
| low | Path traversal in file download endpoint | OWASP ZAP | DAST | triaged | 8.7 |
| medium | Excessive Kubernetes RBAC privileges | Wiz | CSPM | triaged | 7.5 |
| low | Insecure deserialization in message queue consumer | Snyk | SCA | open | 5.1 |
| info | Dependency confusion risk on internal package | CodeQL | SAST | open | 6.6 |