Findings
Status: OpenACME Corp
312 open findings 22 Critical 71 High 164 Medium 55 Low
Open findings · triage queue
Schedule report →| Severity | Finding | Asset | Mapped control | Source | Status | Age |
|---|---|---|---|---|---|---|
| Critical | MFA not enforced for privileged cloud access | Entra ID · 6 roles | NIST PR.AA-03 | Microsoft Entra ID | Open | 2d |
| Critical | Unencrypted patient data in a legacy datastore | legacy-reporting-db | HIPAA §164.312 | AWS KMS audit | Open | 8d |
| High | Quarterly access reviews are 9 months overdue | IdP privileged grants | SOC 2 CC6.2 | RiskTape workflow | Triaged | 9mo |
| Critical | Public S3 bucket exposes PII | s3://acme-billing | NIST PR.DS-01 | AWS Security Hub | Open | 3h |
| Critical | Unpatched critical CVE-2026-3148 | k8s-node-7 | CIS 7.3 | Tenable.io | Open | 6h |
| High | EDR missing on 12 endpoints | multiple | CIS 10.1 | CrowdStrike | Open | 1d |
| High | Dormant privileged account active | svc-legacy | CIS 5.3 | Microsoft Entra ID | Open | 2d |
| Medium | TLS 1.0 enabled on edge firewall | fw-edge-01 | NIST PR.DS-02 | Recon scanner | Mitigating | 2d |
Showing the top 8 of 312 — open any finding to drill into root cause, exposure, and the fix.