Handles PII
Posture
critical: 1 | high: 7 | medium: 11 | low: 7
Ownership
Findings (28)
critical | Insecure deserialization in message queue consumer | Checkov | IaC | open | 9.6
high | Log4Shell vulnerable dependency | Prowler | CSPM | open | 5.9
low | Container running as root | Gitleaks | Secrets | triaged | 9.1
medium | Missing CSP header on auth pages | Snyk | SCA | triaged | 8.9
high | S3 bucket publicly readable | Contrast RASP | RASP | triaged | 7.6
low | Open Redis without auth | Burp Suite | DAST | false positive | 4.8
info | Dependency confusion risk on internal package | Burp Pro PenTest | PenTest | open | 7.5
low | Container running as root | TruffleHog | Secrets | open | 5.4
medium | Insecure deserialization in message queue consumer | SonarQube | SAST | open | 8.4
medium | Container running as root | Checkov | IaC | triaged | 5.7
medium | Terraform module pins old AMI with CVEs | Burp Suite | DAST | triaged | 5.1
low | Path traversal in file download endpoint | Trivy | Container | open | 6
high | IAM role with wildcard permissions | SonarQube | SAST | open | 6
medium | Missing rate limiting on /login | Wiz | CSPM | open | 4.1
low | Dependency confusion risk on internal package | Contrast RASP | RASP | open | 9.6
high | Open Redis without auth | Scout Suite | CSPM | open | 4.1
medium | S3 bucket publicly readable | Gitleaks | Secrets | open | 5.1
high | Dependency confusion risk on internal package | OWASP ZAP | DAST | triaged | 8.9
info | Excessive Kubernetes RBAC privileges | Semgrep | SAST | open | 8.3
medium | Cross-site Scripting in profile renderer | Checkov | IaC | false positive | 6.8
medium | Hardcoded AWS access key in source | Grype | Container | open | 6.6