Internet-exposed
Handles PII
Posture
critical 2 | high 7 | medium 3 | low 6
Ownership
Findings (18)
high | SSRF in webhook fetcher | Semgrep SAST | triaged | 8.7
medium | Missing rate limiting on /login | Snyk SCA | triaged | 8.6
medium | S3 bucket publicly readable | Wiz CSPM | triaged | 7.8
low | Insecure deserialization in message queue consumer | Burp Suite DAST | triaged | 8.7
high | IAM role with wildcard permissions | Scout Suite CSPM | accepted | 8.3
low | Log4Shell vulnerable dependency | Gitleaks Secrets | triaged | 6.1
low | Missing rate limiting on /login | Semgrep SAST | false positive | 6.6
low | IAM role with wildcard permissions | Grype Container | accepted | 7.3
low | Dependency confusion risk on internal package | SonarQube SAST | triaged | 5.5
critical | IAM role with wildcard permissions | Gitleaks Secrets | accepted | 4.2
high | Dependency confusion risk on internal package | Dependabot SCA | open | 6.9
high | IAM role with wildcard permissions | CodeQL SAST | open | 9.9
high | JWT signed with weak HS256 secret | Checkov IaC | open | 7.3
critical | Container running as root | Prowler CSPM | open | 8.4
high | IAM role with wildcard permissions | CodeQL SAST | open | 8.2