SECURITY DASHBOARD
Sun, Mar 8, 2026
| Metric | Value |
|---|---|
| Active Engagements | 4 |
| Contained | 4 |
| Resolved Today | 5 |
| Events (24h) | 14,892 |
| Monitored Assets | 54 |
| Security Posture | 78/100 (+3 vs yesterday) |
MITRE ATT&CK COVERAGE
87% overall
| Tactic | Coverage | Count |
|---|---|---|
| Reconnaissance | 92% | 9/10 |
| Resource Development | 78% | 5/7 |
| Initial Access | 95% | 9/9 |
| Execution | 88% | 12/14 |
| Persistence | 82% | 16/19 |
| Privilege Escalation | 90% | 12/13 |
| Defense Evasion | 75% | 31/42 |
| Credential Access | 93% | 16/17 |
| Discovery | 85% | 26/31 |
| Lateral Movement | 91% | 8/9 |
| Collection | 80% | 14/17 |
| Command and Control | 88% | 14/16 |
| Exfiltration | 94% | 8/9 |
| Impact | 86% | 12/14 |
Legend bands: 90%+, 75-89%, <75%
AGENT LAYER HEALTH
| Layer | Event rate |
|---|---|
| Infrastructure | 342 evt/min |
| Network | 1205 evt/min |
| Container | 567 evt/min |
| Application | 890 evt/min |
| Cloud | 456 evt/min |
| IaC | 23 evt/min |
| Data | 234 evt/min |
| Identity | 178 evt/min |
| Edge | 45 evt/min |
| Red Team | 89 evt/min |
RECENT EVENTS
| Severity | Time | Layer | Event | Asset | Action |
|---|---|---|---|---|---|
| medium | 15:49:29 | identity | Package vulnerability alert | k8s-node-prod-02 | Process killed |
| low | 15:29:24 | infra | Privilege escalation attempt | rds-users-prod | Canary triggered |
| info | 15:27:51 | identity | CI pipeline modification | s3-backups-prod | Container terminated |
| high | 15:19:23 | edge | Suspicious login location | dns-resolver-01 | Rule auto-generated |
| info | 15:14:19 | data | DNS tunneling detected | okta-tenant | Deception endpoint deployed |
| low | 15:07:07 | container | Syscall profile violation | pod-api-gateway-7f8d9 | Quarantined asset |
| high | 15:00:41 | infra | Anomalous API call | lambda-webhook-router | Blocked by firewall rule |
| high | 14:24:41 | app | Terraform drift detected | lambda-data-processor | Micro-segmentation applied |
| medium | 14:01:34 | infra | Canary token triggered | lambda-data-processor | Rate limit applied |
| info | 13:31:55 | edge | Certificate pinning violation | github-actions-runner-01 | WAF rule deployed |
| info | 13:29:35 | network | Package vulnerability alert | okta-tenant | Data poisoning activated |
| info | 13:22:22 | app | Path traversal attempt | lambda-webhook-router | Container terminated |
| high | 13:02:38 | cloud | CloudTrail modification | github-actions-runner-01 | Blocked by firewall rule |
| info | 13:01:04 | redteam | SQL injection attempt | ec2-web-prod-02 | Tarpit activated |
| info | 12:50:52 | data | Brute force attempt | edge-sensor-floor-01 | Container terminated |
| critical | 12:50:27 | cloud | Edge device anomaly | k8s-node-prod-02 | Process killed |
| low | 12:42:20 | data | OT protocol violation | vpn-gateway-prod | Alert generated |
| low | 12:42:07 | infra | SQL injection attempt | ec2-web-prod-02 | Alert generated |
| info | 12:36:21 | edge | Credential stuffing | edge-sensor-floor-01 | Quarantined asset |
| medium | 12:31:59 | cloud | Syscall profile violation | dns-resolver-01 | IAM policy reverted |
TOP CVEs BY CRS SCORE
| CVE ID | Title | CVSS | EPSS | CRS | Assets | KEV |
|---|---|---|---|---|---|---|
| CVE-2024-53677 | Apache Struts File Upload Path Traversal | 9.8 | 92% | 97 | 3 | KEV |
| CVE-2024-21626 | runc Container Escape via fd Leak | 8.6 | 87% | 95 | 4 | KEV |
| CVE-2025-0282 | Ivanti Connect Secure Stack Buffer Overflow | 9.0 | 95% | 94 | 1 | KEV |
| CVE-2024-47575 | FortiManager fgfmd Missing Auth RCE | 9.8 | 91% | 93 | 1 | KEV |
| CVE-2024-23652 | BuildKit Mount Escape | 8.2 | 72% | 88 | 2 | -- |
| CVE-2025-21298 | Windows OLE Remote Code Execution | 9.8 | 68% | 86 | 5 | -- |
| CVE-2024-50623 | Cleo Harmony File Transfer RCE | 9.8 | 88% | 85 | 1 | KEV |
| CVE-2025-1234 | PostgreSQL libpq Buffer Overflow | 7.8 | 45% | 82 | 4 | -- |