Handles PII
Posture
critical: 2
high: 5
medium: 8
low: 5
Ownership
Findings (23)
| Severity | Finding | Tool | Category | Status | Score |
|---|---|---|---|---|---|
| high | Insecure deserialization in message queue consumer | Burp Pro PenTest | PenTest | false positive | 10 |
| critical | Hardcoded AWS access key in source | Checkov | IaC | triaged | 9.8 |
| low | JWT signed with weak HS256 secret | Grype | Container | triaged | 4.7 |
| low | Missing CSP header on auth pages | Trivy | Container | open | 4.7 |
| info | Insecure deserialization in message queue consumer | Prowler | CSPM | false positive | 5.7 |
| low | Container running as root | SonarQube | SAST | open | 6.3 |
| critical | SQL Injection in user-input handler | Wiz | CSPM | triaged | 8.5 |
| medium | Hardcoded AWS access key in source | Burp Pro PenTest | PenTest | open | 6.6 |
| info | Path traversal in file download endpoint | Trivy | Container | open | 7.4 |
| medium | Race condition in payment idempotency | Burp Suite | DAST | open | 8.1 |
| low | Terraform module pins old AMI with CVEs | Burp Pro PenTest | PenTest | open | 6.1 |
| high | Path traversal in file download endpoint | Checkmarx | SAST | open | 6.6 |
| info | Insecure deserialization in message queue consumer | Burp Suite | DAST | open | 8.8 |
| high | JWT signed with weak HS256 secret | Trivy | Container | triaged | 8.4 |
| medium | Hardcoded AWS access key in source | SonarQube | SAST | open | 9.4 |
| medium | Path traversal in file download endpoint | Gitleaks | Secrets | open | 6.6 |