72 posture
Security posture
Fair — improving
Up 9 points in 30 days. Clear the 3 criticals below to reach Good.
Critical open
3
▾ 2 this week
Assets monitored
1,284
+36 new
Accounts connected
3 / AWS
all healthy
What matters this week
9.8
CVE-2021-44228 · Log4j · prod-api (3 hosts) · internet-facing
Remote code execution on your payments service
Fix: upgrade log4j-core to 2.17.1 — patch drafted for 3 services
9.1
S3 · backups-eu · public ACL
Customer backups readable by anyone on the internet
Fix: enable Block Public Access + scope the bucket policy to your account
8.1
IAM · 4 roles · prod
Over-permissioned roles can reach production data
Fix: apply least-privilege — scoped policy drafted, review before apply
7.8
CVE-2023-44487 · ingress-nginx · 12 pods
HTTP/2 Rapid Reset — denial-of-service exposure
Fix: upgrade ingress-nginx to 1.9.4 across the cluster
Stack coverage
Cloud (AWS) · config & posture · 312 assets
Hosts & images · OS / packages · 540 assets
App dependencies · npm / pip / maven · 280 pkgs
Network · edge & appliances · 28 devices
Data exposure · buckets / secrets · 124 stores
Recent activity
Heartbleed marked resolved across 41 hosts · 2h
New critical: Log4Shell on prod-api · 5h
Weekly DORA report generated · 1d
Bucket logs-staging set to private · 2d
Connected AWS account 9921 · eu-central-1 · 3d