You are on the public demo. All data is seeded, minor inconsistencies are expected.Contact us

CSPM

17 findings


CRITICAL	OPEN	Object storage bucket is public	Storage	Cloud only	scw://bucket/prod-data-eu
CRITICAL	OPEN	RDS instance is publicly accessible	Database	DRIFT	arn:aws:rds:eu-west-1:123456789012:db:prod-orders
CRITICAL	OPEN	Kubernetes API server is exposed to 0.0.0.0/0	Kubernetes	Cloud only	k8s-prod-eu
CRITICAL	OPEN	NSG allows RDP from internet	Network	Cloud only	azure://Microsoft.Network/networkSecurityGroups/prod-nsg
HIGH	OPEN	Instance has public IP with permissive security group	Compute	Cloud only	scw://instance/i-7f3b9a
HIGH	OPEN	Storage account allows HTTP traffic	Storage	Cloud only	azure://Microsoft.Storage/storageAccounts/prodeustorage
HIGH	OPEN	IAM role uses wildcard Action permissions	IAM	Cloud only	arn:aws:iam::123456789012:role/prod-deploy
HIGH	OPEN	SSH (port 22) open to the world	Network	DRIFT	arn:aws:ec2:eu-west-1:123456789012:security-group/sg-default-22
HIGH	OPEN	RDS automated backups disabled	Database	Cloud only	arn:aws:rds:eu-west-1:123456789012:db:staging-db
MEDIUM	RESOLVED	OS Login disabled on Compute Engine instance	Compute	Cloud only	gcp://compute/instance/api-staging-1
MEDIUM	OPEN	S3 bucket versioning is disabled	Storage	Code & Cloud	arn:aws:s3:::staging-logs
MEDIUM	IGNORED	Function uses deprecated Node 14 runtime	Serverless	Cloud only	scw://function/eu-cleanup-cron
MEDIUM	IGNORED	CloudTrail log file validation is disabled	Logging	Cloud only	arn:aws:cloudtrail:eu-west-1:123456789012:trail/prod-trail
MEDIUM	RESOLVED	KMS key rotation is not enabled	Cryptography	Cloud only	gcp://kms/key/prod-master-key
MEDIUM	RESOLVED	S3 bucket versioning is disabled	Storage	Cloud only	arn:aws:s3:::staging-uploads
LOW	RESOLVED	Object storage bucket logging is disabled	Storage	Cloud only	arn:aws:s3:::staging-logs
LOW	OPEN	Object storage bucket logging is disabled	Storage	Cloud only	scw://bucket/dev-uploads