77 rules
Group by
Issue Severity
Current versus a month ago
Open and Resolved Issues
Past 30 days
Chart
Combination chart with 3 data series.
The chart has 1 X axis displaying Time. Data ranges from 2024-10-08 00:00:00 to 2024-11-07 00:00:00.
The chart has 1 Y axis displaying values. Data ranges from 5 to 2138.
End of interactive chart.
Open Issues
Past 30 days
Critical
0%
2Chart
Chart with 31 data points.
The chart has 1 X axis displaying Time. Data ranges from 2024-10-08 00:00:00 to 2024-11-07 14:59:37.
The chart has 1 Y axis displaying values. Data ranges from 2 to 2.
End of interactive chart.
High
264%
40Chart
Chart with 31 data points.
The chart has 1 X axis displaying Time. Data ranges from 2024-10-08 00:00:00 to 2024-11-07 14:59:37.
The chart has 1 Y axis displaying values. Data ranges from 10 to 41.
End of interactive chart.
0 rules selected
Select/Unselect All | Expand/Collapse Row | Rule | Issues | Severity | Risks | Type | Row actions |
|---|---|---|---|---|---|---|---|
Publicly exposed VM vulnerable to CVE-2024-6387 (RCE vulnerabilities in OpenSSH) | 1 | Critical | |||||
VM exposed to the internet through SSH vulnerable to CVE-2024-6387 (RCE vulnerabilities in OpenSSH) | 1 | Critical | |||||
Service account with high privileges can be assumed by a principal in an external subscription | 33 | High | |||||
Secrets/certificates generated for multiple Microsoft Entra ID (AAD) applications, followed by authentication of a respective high privileged application in a short period of time | 3 | High | |||||
Anomalous behavior GuardDuty alerts were triggered on an admin user/service account | 2 | High | |||||
A highly privileged Microsoft Entra ID (AAD) user changed or reset its password from a foreign IP address | 1 | High | |||||
Third party service account with high privileges | 1 | High | |||||
Unknown account with trusted access to admin IAM role | 1 | High | |||||
VPC has no Route 53 DNS resolver with logging enabled | 444 | Medium | - | ||||
Service account with high privileges is inactive for over 90 days | 79 | Medium | |||||
Admin account is inactive for over 90 days | 64 | Medium | |||||
Azure guest user has high privileges | 61 | Medium | |||||
S3 Bucket with object-level read events logging disabled | 31 | Medium | |||||
S3 Bucket with object-level write events logging disabled | 31 | Medium | |||||
User account with excessive admin privileges | 20 | Medium | |||||
Inactive AWS user account with admin privileges and MFA disabled | 16 | Medium | |||||
Microsoft Entra ID (AAD) user/service account can impersonate an application with permission to add members to a group with admin privileges at the subscription/management group level | 14 | Medium | |||||
AWS user account with admin privileges and MFA disabled | 12 | Medium | |||||
CloudTrail S3 Bucket has logging disabled | 9 | Medium | |||||
Service account with lateral movement to admin in another account | 7 | Medium |
