FORTINETRAPID CLOUD ASSESSMENT
Rapid Cloud Assessment · Cloud Security Risk Findings

Cloud Security Posture Report

Customer
21 0 100
URGENT – Attention Needed
Prepared ForCustomer
Report DateTuesday, April 28, 2026
AuthorFortinet
ClassificationConfidential

Discovered Risk Findings

01 — Alerts
Critical Alerts
9 open critical alerts.
02 — Compliance
Critical Non-Compliance
7 control failures.
03 — CVEs
Critical Vulnerabilities
10 CVEs with risk score ≥ 9.
04 — Identity
Identity Risk
9 identity risks.
05 — Secrets
Discovered Secrets
50 secrets detected across hosts.

Executive Summary

9
Critical Alerts
10
Critical CVEs (Risk ≥ 9)
7
Non-Compliance Findings
9
Identity Risk Findings
8
SSH Keys Detected
Overall Risk Assessment

This assessment identified 35 total findings across Customer. The Cloud Security Posture Score is 21/100 — URGENT – Attention Needed.

1. Critical Alerts

#IDSeverityAlertTypeTimeIP or Domain ReputationDescriptionWhy It MattersRecommended Next Action
13130949CriticalBad external server host connectionNewExternalServerBadDNSConnApril 28, 2026 at 1:00 AMMaliciousExternal connection made to known bad host xmr.pool.minergate.com (and 2 more) at TCP port HTTP(80) (and 3 more) from application curl (and 1 more) running on host aittt53-watchtower (and 42 more) as This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
23110421CriticalBad external server host connectionNewExternalServerBadDNSConnApril 23, 2026 at 9:00 PMMaliciousExternal connection made to known bad host monerohash.com at TCP port High Ports (3333) from application nc.openbsd running on host sdl51-watchtower as user root . If applicable, the complete list of This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
33090128CriticalPotentially Compromised HostPotentiallyCompromisedHostApril 22, 2026 at 12:00 AMMaliciousHost machines may have been compromised. The following entities are suspected. Hosts: imontes20-watchtower, aittt26-watchtower, dzam2220-watchtower (and 92 others).This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
43069439CriticalBad external server host connectionNewExternalServerBadDNSConnApril 18, 2026 at 7:00 AMMaliciousExternal connection made to known bad host pool.xmr.pt at TCP port HTTP(80) from application curl running on host watchtower-s10 as user root . If applicable, the complete list of DNS-resolved hosts iThis alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
53069237CriticalBad external server host connectionNewExternalServerBadDNSConnApril 16, 2026 at 9:00 PMMaliciousExternal connection made to known bad host xmrpool.eu at TCP port High Ports (9999) from application nc.openbsd running on host sdl20-watchtower as user root . If applicable, the complete list of DNS-This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
63069072CriticalPotentially Compromised HostPotentiallyCompromisedHostApril 15, 2026 at 10:00 PMMaliciousHost machines may have been compromised. The following entities are suspected. Hosts: watchtower-s12, sdl34-watchtower, dzam2220-watchtower (and 53 others).This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
73069072CriticalPotentially Compromised HostPotentiallyCompromisedHostApril 15, 2026 at 10:00 PMMaliciousHost machines may have been compromised. The following entities are suspected. Hosts: watchtower-s12, sdl34-watchtower, dzam2220-watchtower (and 53 others).This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
83048866CriticalBad external server host connectionNewExternalServerBadDNSConnApril 14, 2026 at 10:00 PMMaliciousExternal connection made to known bad host xmrpool.eu at TCP port HTTP(80) from application curl running on host theta24-watchtower as user root . If applicable, the complete list of DNS-resolved hostThis alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.
93021301CriticalPotentially Compromised HostPotentiallyCompromisedHostApril 8, 2026 at 11:09 PMMaliciousHost machines may have been compromised. The following entities are suspected. Hosts: omega66-watchtower, watchtower-s12, theta21-watchtower (and 12 others).This alert indicates anomalous behavior that may represent an active security incident or policy violation.Investigate the alert in FortiCNAPP; correlate with cloud activity logs; escalate if the activity is unauthorized.

2. Critical Non-Compliance Findings

#SeverityFindingCloud ScopeService AreaContextual RiskBusiness ImpactRecommended FixPriority
1CriticalAzure Resource Out of Canada
▼ 100 Violating Resources
URNRESOURCE_TYPE
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/ocarranza-lab-4/providers/microsoft.compute/virtualmachines/fg-gwlb-fgt-amicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/rodriguezjose-dmz-rg/providers/microsoft.compute/virtualmachines/rj-emsonpremmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-ms/providers/microsoft.compute/virtualmachines/sallam-fgt-eus-fgt-2microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fweb/providers/microsoft.compute/virtualmachines/sallam-fadc-abpmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pslatam_bac_lab/providers/microsoft.compute/virtualmachines/bac-fgt-bmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-fcnapp-2/providers/microsoft.compute/virtualmachines/fgt-fcnapp-fgtmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/csa-accelerated-connections_rg/providers/microsoft.compute/virtualmachines/fortitester-01microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-k8s-fgt/providers/microsoft.compute/virtualmachines/sallam-fgt-fgtmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fmg/providers/microsoft.compute/virtualmachines/sallam-fgt-fgtmicrosoft.compute/virtualmachines
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/mc_lena-rg_lena-azure-cluster1_eastus/providers/microsoft.compute/virtualmachines/aks-lenanp1-30296496-vms1microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-lac-mi/providers/microsoft.compute/virtualmachines/sallam-linuxvmmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-vwan-ig1/providers/microsoft.compute/virtualmachines/sallam-branch-fgtmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-aa/providers/microsoft.compute/virtualmachines/sallam-aa-fgt-amicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.compute/virtualmachines/test-lwmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/cstave-lab3azure/providers/microsoft.compute/virtualmachines/cstave-lab3-fgt-bmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-aa/providers/microsoft.compute/virtualmachines/sallam-ubuntu2microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-k8s-fgt/providers/microsoft.compute/virtualmachines/sallam-linuxvmmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pnarvaez-cselab/providers/microsoft.compute/virtualmachines/lab-fortimail-amicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fweb/providers/microsoft.compute/virtualmachines/sallam-juiceshopmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/agent-group-endpoint/providers/microsoft.compute/virtualmachines/windowsclient-2microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-ipv6/providers/microsoft.compute/virtualmachines/sallam-linuxvmv6microsoft.compute/virtualmachines
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/bala_ztna_avd/providers/microsoft.compute/virtualmachines/knb-0microsoft.compute/virtualmachines
/subscriptions/de825149-a1fb-40b6-9bdb-37df24fa51bd/resourcegroups/emoran-test-rs/providers/microsoft.compute/virtualmachines/emoran-ubuntumicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/mcomerci-lab/providers/microsoft.compute/virtualmachines/mcomerci-linux-vmmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/ocarranza-lab-4/providers/microsoft.compute/virtualmachines/fg-gwlb-fgt-bmicrosoft.compute/virtualmachines
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/ksitu0769578/providers/microsoft.compute/virtualmachines/ksitu-hp2-0microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-routeserver/providers/microsoft.compute/virtualmachines/vm-spoke2microsoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/rodriguezjose-fazdlp-rg/providers/microsoft.compute/virtualmachines/rj-fdlpfazmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-vwan-ig1/providers/microsoft.compute/virtualmachines/hub1spoke1-vmmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fweb/providers/microsoft.compute/virtualmachines/sallam-windows-imicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-ap-elb-ilb-az-eastus2-01/providers/microsoft.compute/virtualmachines/apeastus201-fgt-bmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/eeel_2/providers/microsoft.compute/virtualmachines/fwb-fwb-amicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/eeel_2/providers/microsoft.compute/virtualmachines/ubuntuservmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-aa/providers/microsoft.compute/virtualmachines/sallam-ubuntu1microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fweb/providers/microsoft.compute/virtualmachines/sallamfweb-fwb-amicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-ap-elb-ilb-az-eastus2-01/providers/microsoft.compute/virtualmachines/vm-win-server-2022-dcmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-test-vms/providers/microsoft.compute/virtualmachines/web-05microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-vwan-ig1/providers/microsoft.compute/virtualmachines/hub1-spoke2-vm3microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-aa/providers/microsoft.compute/virtualmachines/sallam-aa-fgt-bmicrosoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-rg/providers/microsoft.compute/virtualmachines/linuxvm1microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-ms/providers/microsoft.compute/virtualmachines/sallam-linuxvmmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pslatam_bac_lab/providers/microsoft.compute/virtualmachines/webapp-2microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/agent-group-endpoint1/providers/microsoft.compute/virtualmachines/windowsclient-0microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/csa-nfr-1003851-baseline_rg/providers/microsoft.compute/virtualmachines/fgt-vm04microsoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/mcomerci-lab/providers/microsoft.compute/virtualmachines/mcomerci-fdc-v2microsoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/l-group/providers/microsoft.compute/virtualmachines/l-susemicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pslatam_bac_lab/providers/microsoft.compute/virtualmachines/fortinac-node2microsoft.compute/virtualmachines
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-adc/providers/microsoft.compute/virtualmachines/sallam-fad-amicrosoft.compute/virtualmachines
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/mtwomblyssosslvpnrg/providers/microsoft.compute/virtualmachines/fortigatevmmicrosoft.compute/virtualmachines
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pnarvaez-cselab/providers/microsoft.compute/virtualmachines/lab-lnx-amicrosoft.compute/virtualmachines
… and 50 more
CLOUD
fortinetcanadademo-default-15		Cloud SecurityMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across CLOUD resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.Alert on which Virtual Machines are deployed outside of Canadian RegionsImmediate
2CriticalData Residency based on Country of Origin
▼ 96 Violating Resources
URNRESOURCE_TYPE
urn:lacework:aws:aws:ec2:sa-east-1:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-3:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-3:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:eu-north-1:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-2:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:us-east-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-3:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:us-east-2:116933114817:regionec2:region
urn:lacework:aws:aws:ec2:us-east-2:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-2:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:eu-north-1:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:ap-south-1:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:eu-central-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:us-west-2:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:us-west-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:us-east-2:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:us-east-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:eu-central-1:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:us-west-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:sa-east-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-2:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:ap-south-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-2:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-2:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:sa-east-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:eu-central-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-2:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-3:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:us-west-2:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:eu-central-1:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:us-west-1:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-1:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-1:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-1:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-1:116933114817:regionec2:region
urn:lacework:aws:aws:ec2:eu-north-1:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-1:244822573207:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-2:116933114817:regionec2:region
urn:lacework:aws:aws:ec2:eu-west-1:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:eu-north-1:958932064649:regionec2:region
urn:lacework:aws:aws:ec2:sa-east-1:188333028786:regionec2:region
urn:lacework:aws:aws:ec2:us-east-2:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-2:116933114817:regionec2:region
urn:lacework:aws:aws:ec2:ap-southeast-1:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:ap-northeast-3:014386698427:regionec2:region
urn:lacework:aws:aws:ec2:ap-south-1:363412468025:regionec2:region
urn:lacework:aws:aws:ec2:us-east-1:244822573207:regionec2:region
… and 46 more
CLOUD
fortinetcanadademo-default-14		Cloud SecurityMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across CLOUD resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.This aims to confirm all resources belong to the Country of Origin - this rules is based on CANADA Data SovereigntyImmediate
3CriticalUse locked immutability policies for Storage Accounts Blobs with business critical data
▼ 86 Violating Resources
RESOURCE_KEYRESOURCE_TYPE
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/lacework-group-a05aa889/providers/microsoft.storage/storageaccounts/laceworkstoragea05aa889/blobservices/default/containers/insights-activity-logsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-fortimana-5e3b5f88-79d3-4c54-b5bd-498c76a74875microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-autoscale-rg/providers/microsoft.storage/storageaccounts/fgtvmss1zgnfc4dne/blobservices/default/containers/azure-webjobs-secretsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgallegolabaf97/blobservices/default/containers/scm-releasesmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-jmcvmfgtd-95f96436-d57b-4e8b-8a72-272263f47b5emicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgallegolabaf97/blobservices/default/containers/azure-webjobs-hostsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgallegolab9e05/blobservices/default/containers/azure-webjobs-secretsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/microsoft-network-eastus2/providers/microsoft.storage/storageaccounts/config1653102732313/blobservices/default/containers/vpnsiteconfigmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-test-vms/providers/microsoft.storage/storageaccounts/protectedcweb/blobservices/default/containers/bootdiagnostics-web06-cd867427-3354-4a2d-b277-ff70d174c90cmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/lacework-group-53440b11/providers/microsoft.storage/storageaccounts/laceworkstorage53440b11/blobservices/default/containers/insights-activity-logsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-automation/providers/microsoft.storage/storageaccounts/jmcdonoughautomation/blobservices/default/containers/scm-releasesmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-extlb_fgtasg_intlb_westus/providers/microsoft.storage/storageaccounts/fgtvmssg4gm69i8sc/blobservices/default/containers/azure-webjobs-hostsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/cstave-lab3azure/providers/microsoft.storage/storageaccounts/consoleq3rc3u3aw3i2u/blobservices/default/containers/bootdiagnostics-lab3linux-dadc9553-115d-48e6-8a04-b82a88b886e2microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-utility/providers/microsoft.storage/storageaccounts/jmcdonoughutility/blobservices/default/containers/terraformmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-test-vms/providers/microsoft.storage/storageaccounts/protectedcweb/blobservices/default/containers/bootdiagnostics-web04-d5d36416-434d-4377-94f7-b2831959ded7microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-fgtsecuri-82f92578-50f8-4e1b-9939-d1953f3a2d03microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/de825149-a1fb-40b6-9bdb-37df24fa51bd/resourcegroups/lacework-group-3b1386e6/providers/microsoft.storage/storageaccounts/laceworkstorage3b1386e6/blobservices/default/containers/insights-activity-logsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-utility/providers/microsoft.storage/storageaccounts/jmcdonoughutility/blobservices/default/containers/utilitymicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/fazresourcegroup/providers/microsoft.storage/storageaccounts/asdk120665257/blobservices/default/containers/asdkmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pslatam_bac_lab/providers/microsoft.storage/storageaccounts/salazarestorageaccount/blobservices/default/containers/mydisksmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/cstave-lab3azure/providers/microsoft.storage/storageaccounts/consoleq3rc3u3aw3i2u/blobservices/default/containers/bootdiagnostics-cstavelab-1c636665-fa18-4804-8929-ead94f06b0e8microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fweb/providers/microsoft.storage/storageaccounts/juiceshopswagger/blobservices/default/containers/juiceshopswaggermicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-autoscale-rg/providers/microsoft.storage/storageaccounts/fgtvmss1zgnfc4dne/blobservices/default/containers/function-codemicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-test-vms/providers/microsoft.storage/storageaccounts/protectedcweb/blobservices/default/containers/bootdiagnostics-web05-246830db-ea1f-490a-934d-cf96954d4c6fmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/cstave-lab3azure/providers/microsoft.storage/storageaccounts/consoleq3rc3u3aw3i2u/blobservices/default/containers/bootdiagnostics-lab3linux-bb044479-fdbb-4fac-94bb-1932025d73a9microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-automation/providers/microsoft.storage/storageaccounts/jmcdonoughautomation/blobservices/default/containers/azure-webjobs-secretsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/morenoa-az-rg-cloudshell-eastus-zero/providers/microsoft.storage/storageaccounts/morenoaazstzero/blobservices/default/containers/tfstatemicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgtfcnappnew/blobservices/default/containers/azure-webjobs-secretsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgtfcnappnew/blobservices/default/containers/app-package-fgt-fcnapp-new-a8e2eeamicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/fazresourcegroup/providers/microsoft.storage/storageaccounts/asdk532210273/blobservices/default/containers/asdkmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-jmcvmprod-03445717-e126-4f60-a2f3-2f0e9db62b21microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonoughfortiflexv2/providers/microsoft.storage/storageaccounts/jmcdonoughfortiflexv2/blobservices/default/containers/azure-webjobs-secretsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-extlb_fgtasg_intlb_westus/providers/microsoft.storage/storageaccounts/fgtvmssg4gm69i8sc/blobservices/default/containers/function-codemicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/de825149-a1fb-40b6-9bdb-37df24fa51bd/resourcegroups/lacework-agentless-0fd0/providers/microsoft.storage/storageaccounts/laceworkscan0fd0/blobservices/default/containers/lacework-bucket-0fd0microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-fgt-vpn/providers/microsoft.storage/storageaccounts/jmcdonougfgtvpn/blobservices/default/containers/bootdiagnostics-sglftgvpn-e286d4aa-2065-4216-88f2-4556936d79c2microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-fmg-fafca126-2ae0-4460-a488-979112727e7fmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pslatam_bac_lab/providers/microsoft.storage/storageaccounts/salazarestorageaccount/blobservices/default/containers/licensemicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/0b4cdc18-30b1-4dcf-9bfb-3f0e1652e869/resourcegroups/lacework-group-71bf6d7a/providers/microsoft.storage/storageaccounts/laceworkstorage71bf6d7a/blobservices/default/containers/insights-activity-logsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgallegolab9e05/blobservices/default/containers/scm-releasesmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/mcomerci-lab/providers/microsoft.storage/storageaccounts/mcomercistorage/blobservices/default/containers/mcomercicontainermicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-utility/providers/microsoft.storage/storageaccounts/jmcdonoughutility/blobservices/default/containers/bootdiagnostics-fadhavm2-79fca4ec-3d2d-4486-9411-16180da18feamicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-ms/providers/microsoft.storage/storageaccounts/sallamstorage/blobservices/default/containers/logsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonoughfortiflexv2/providers/microsoft.storage/storageaccounts/jmcdonoughfortiflexv2/blobservices/default/containers/azure-webjobs-hostsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/ocarranza-lab-4/providers/microsoft.storage/storageaccounts/consolee7qd37tydlveq/blobservices/default/containers/bootdiagnostics-fggwlbfgt-a7a51d02-ec59-47b8-9d4f-148bbb56835emicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/sallam-fgt-ms/providers/microsoft.storage/storageaccounts/sallamstorage/blobservices/default/containers/fabricstudiomicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/jmc-lab/providers/microsoft.storage/storageaccounts/jmclabdiag/blobservices/default/containers/bootdiagnostics-devpressu-a35eaccd-8242-41a5-9b85-3f7aaccb42b0microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/microsoft-network-westcentralus/providers/microsoft.storage/storageaccounts/config1771473885157/blobservices/default/containers/vpnsiteconfigmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgtfcnappnew/blobservices/default/containers/azure-webjobs-hostsmicrosoft.storage/storageaccounts/blobservices/containers
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/jmcdonough-utility/providers/microsoft.storage/storageaccounts/jmcdonoughutility/blobservices/default/containers/bootdiagnostics-jmcdonoug-6684468e-e5ee-41bd-aab3-90b124831600microsoft.storage/storageaccounts/blobservices/containers
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/fgallego-lab/providers/microsoft.storage/storageaccounts/fgallegolabba57/blobservices/default/containers/azure-webjobs-hostsmicrosoft.storage/storageaccounts/blobservices/containers
… and 36 more
AZURE
lacework-global-1085		Storage SecurityMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across AZURE resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.Apply locked immutability policies to all containers that store business-critical blob data. This measure protects the data from modifications or deletions and ensures that critical information remainImmediate
4CriticalSamv Resource Out of Canada
▼ 59 Violating Resources
URNRESOURCE_TYPE
arn:aws:ec2:us-east-1:116933114817:instance/i-0d81da12cc68e8302ec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-03baf15f40f887140ec2:instance
arn:aws:ec2:us-east-1:116933114817:instance/i-0c8ee2868658f9daeec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-06ad7c6a69f7b2ecfec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-061be235dfde9ff04ec2:instance
arn:aws:ec2:us-east-1:014386698427:instance/i-08ae6e2cea4407d0bec2:instance
arn:aws:ec2:us-east-2:363412468025:instance/i-026ad53ec98f6efdfec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-06c0a9d6eda1fc988ec2:instance
arn:aws:ec2:us-east-1:116933114817:instance/i-09656eea5256b89c4ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-00fc774393fee0202ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-0e5512fbe2297a1a0ec2:instance
arn:aws:ec2:us-east-2:363412468025:instance/i-00439a49a96dc33f5ec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-05b7c42cfb7ed6ce3ec2:instance
arn:aws:ec2:us-east-2:363412468025:instance/i-089449c5dcaeb469aec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-08a890d2bdc156c6bec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0e1f753ab7ee0ddc2ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-044f7bb9ffd7a1114ec2:instance
arn:aws:ec2:us-west-2:188333028786:instance/i-007de13c296dd7cc7ec2:instance
arn:aws:ec2:eu-west-3:363412468025:instance/i-070713ab6c008996bec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-03ca2bf8fa3604569ec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-0e80255db08880339ec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-042dc46e25bf361adec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-06fd319d5b49784b1ec2:instance
arn:aws:ec2:us-east-1:363412468025:instance/i-0e1e6bd788827c51fec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-02f79fb436801acf3ec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0a1e577a9878b3569ec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-0736f1d84c1240d25ec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-07eb36039c0be4d88ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-06d93e63efc6fc5e3ec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0ea171f85944efab4ec2:instance
arn:aws:ec2:us-east-1:363412468025:instance/i-00e8958f28952835eec2:instance
arn:aws:ec2:us-east-1:116933114817:instance/i-03a7e0ca441675178ec2:instance
arn:aws:ec2:us-east-2:363412468025:instance/i-00d8f055d6e67f4dbec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-09790e1aab7ab963bec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0697b64c8312b5f84ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-003c0fea7eb5b1430ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-0b6ee871917780e4aec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0baebc78f74f822beec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0389cfa8521b129e6ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-0108a24563a449955ec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-08cdf57ded5ae2b5dec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0ec5d7251ceeb3790ec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-0b1a9455d80d601efec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-00a94c1c11f1aabb0ec2:instance
arn:aws:ec2:us-west-2:188333028786:instance/i-03c3a281c9a47046eec2:instance
arn:aws:ec2:ap-northeast-1:363412468025:instance/i-0a72767617186b9ddec2:instance
arn:aws:ec2:us-east-1:958932064649:instance/i-0b69b68f45614837dec2:instance
arn:aws:ec2:us-east-1:116933114817:instance/i-0f8a1c70a2e538c4eec2:instance
arn:aws:ec2:us-east-1:188333028786:instance/i-0017eb6a54092a7bcec2:instance
arn:aws:ec2:us-east-2:188333028786:instance/i-0f259539c0c71d3adec2:instance
… and 9 more
CLOUD
fortinetcanadademo-default-13		Cloud SecurityMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across CLOUD resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.Out of CanadaImmediate
5CriticalEnsure no security groups allow ingress from 0.0.0.0/0 to web servers
▼ 12 Violating Resources
RESOURCE_KEYRESOURCE_TYPE
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0cf56999cf085361bec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-02f86bae8c40786e3ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0c41c8d09887a282dec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-091418757080002a6ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-010efe4061a4b9790ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0e578338718f3a6b5ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-018f3e5d26c848975ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0a3889aea1b4d1e60ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-070b622a42c265c25ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0d125dcbeeb4d27f9ec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-042afa6524d0de39bec2:security-group
arn:aws:ec2:ca-central-1:244822573207:security-group/sg-0e0120f6bafd6fb97ec2:security-group
CLOUD
fortinetcanadademo-default-5		Network SecurityMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across CLOUD resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.Security groups provide stateful filtering of ingress and egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to web services http andImmediate
6CriticalEnable immutability for Recovery Services vaults
▼ 4 Violating Resources
RESOURCE_KEYRESOURCE_TYPE
/subscriptions/c92e9a69-8a7b-4285-8347-1e6b85bcb014/resourcegroups/pnarvaez-cselab/providers/microsoft.recoveryservices/vaults/defaultvault496microsoft.recoveryservices/vaults
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/csa-single-fgt-testing-bkup_rg/providers/microsoft.recoveryservices/vaults/vault509microsoft.recoveryservices/vaults
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/csa-single-fgt-testing-bkup_rg/providers/microsoft.recoveryservices/vaults/vault871microsoft.recoveryservices/vaults
/subscriptions/fd5b7afe-28d8-4713-9892-c235918d8ecf/resourcegroups/csa-single-fgt-testing-bkup_rg/providers/microsoft.recoveryservices/vaults/vault249microsoft.recoveryservices/vaults
AZURE
lacework-global-1069		ResilienceMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across AZURE resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.Enabling the immutable vault protects backup data from unauthorized or accidental deletion. Locking the setting and making it irreversible prevents malicious actors from disabling it and deleting backImmediate
7CriticalSecurity groups should not allow unrestricted access to Telnet (port 23)
▼ 2 Violating Resources
RESOURCE_KEYRESOURCE_TYPE
arn:aws:ec2:us-east-2:188333028786:security-group/sg-03e15a4e0d31b6d3dec2:security-group
arn:aws:ec2:us-east-1:188333028786:security-group/sg-05d6a8024982feb22ec2:security-group
AWS
lacework-global-1168		Identity & AccessMisconfigured or non-compliant control expands the attack surface, enabling unauthorized access or data exposure across AWS resources.Regulatory non-compliance, potential data breach, audit failure, and reputational risk.This policy checks for security groups allowing unrestricted ingress to Telnet (port 23). A security group is non-compliant if any inbound rule allows traffic from '0.0.0.0/0' or '::/0' to port 23 ovImmediate

3. Critical CVE Vulnerabilities

#SeverityVulnerability (CVE)Risk ScoreAffected ResourcePackage / VersionAttacker Outcome if ExploitedRecommended FixPriority
1CriticalCVE-2021-45046
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalhorizonRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update horizon to 29.0.3Immediate
2CriticalCVE-2017-14493
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalneutronRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Vendor fix available — apply immediatelyImmediate
3CriticalCVE-2021-44530
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalhorizonRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update horizon to 29.0.3Immediate
4CriticalCVE-2021-44228
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalhorizonRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update horizon to 29.0.3Immediate
5CriticalCVE-2024-23049
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalhorizonRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update horizon to 29.0.3Immediate
6CriticalCVE-2015-8914
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalneutronRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Vendor fix available — apply immediatelyImmediate
7CriticalCVE-2025-59681
Host		9.0ip-172-31-27-195.ca-central-1.compute.internaldjangoRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update django to 4.2.25Immediate
8CriticalCVE-2017-14492
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalneutronRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Vendor fix available — apply immediatelyImmediate
9CriticalCVE-2017-14491
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalneutronRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Vendor fix available — apply immediatelyImmediate
10CriticalCVE-2026-22797
Host		9.0ip-172-31-27-195.ca-central-1.compute.internalkeystonemiddlewareRemote code execution enabling host compromise, data exfiltration, or privilege escalation.Update keystonemiddleware to 10.7.2Immediate

4. Identity Risk

IdentityPrivilegeMFALast LoginIdle EntitlementsRiskRecommended Fix
root
arn:aws:iam::014386698427:root		AdminNo MFANever / Unknown100%
idle		CRITICAL: Full admin with no MFA — single credential theft enables complete environment compromise.Enforce MFA immediately. Replace standing admin with JIT privilege escalation.
root
arn:aws:iam::363412468025:root		AdminNo MFANever / Unknown100%
idle		CRITICAL: Full admin with no MFA — single credential theft enables complete environment compromise.Enforce MFA immediately. Replace standing admin with JIT privilege escalation.
root
arn:aws:iam::958932064649:root		AdminNo MFANever / Unknown100%
idle		CRITICAL: Full admin with no MFA — single credential theft enables complete environment compromise.Enforce MFA immediately. Replace standing admin with JIT privilege escalation.
Eduar Moran
emoran_adm@emoranlabs.info		AdminNo MFAJul 10, 2025100%
idle		CRITICAL: Full admin with no MFA — single credential theft enables complete environment compromise.Enforce MFA immediately. Replace standing admin with JIT privilege escalation.
root
arn:aws:iam::188333028786:root		AdminNo MFANever / Unknown100%
idle		CRITICAL: Full admin with no MFA — single credential theft enables complete environment compromise.Enforce MFA immediately. Replace standing admin with JIT privilege escalation.
emoran gcp-ciem-2
emoran-gcp-ciem-2@emoran.online		PrivilegedNo MFANever / Unknown100%
idle		HIGH: No MFA on privileged account — credential theft risk with no second factor protection.Enable MFA immediately; rotate credentials; review recent activity.
emoran gcp-ciem-1
emoran-gcp-ciem-1@emoran.online		PrivilegedNo MFANever / Unknown100%
idle		HIGH: No MFA on privileged account — credential theft risk with no second factor protection.Enable MFA immediately; rotate credentials; review recent activity.
emoran gcp-ciem-3
emoran-gcp-ciem-3@emoran.online		PrivilegedNo MFANever / Unknown100%
idle		HIGH: No MFA on privileged account — credential theft risk with no second factor protection.Enable MFA immediately; rotate credentials; review recent activity.
emoran admin
emoran@emoranlabs.info		PrivilegedNo MFAApr 29, 2025100%
idle		HIGH: No MFA on privileged account — credential theft risk with no second factor protection.Enable MFA immediately; rotate credentials; review recent activity.

5. Secrets — Discovered Secrets

HostnameInstance IDOSSecret TypeSecret IdentifierLast Seen Time
ip-172-31-16-80.ca-central-1.compute.internal8882067935430363505ssh_private_key
ip-10-0-0-24.ec2.internal1391890404822208179ssh_private_key
ip-172-16-31-10.ec2.internal6336969980309744348ssh_private_key
ip-192-168-101-155.ec2.internal1110203269945398414ssh_private_key
ip-172-31-19-180.ca-central-1.compute.internal216782677137093634aws_secret_access_key
ip-172-16-1-143.us-east-2.compute.internal4389931018425171806ssh_private_key
ip-10-1-5-192.us-east-2.compute.internal1711733174034484178ssh_private_key
ip-192-168-101-155.ec2.internal1110203269945398414ssh_private_key
ip-172-31-16-80.ca-central-1.compute.internal8882067935430363505ssh_private_key
FortiNac-node12028872358863050201ssh_private_key
ip-10-0-5-149.ec2.internal5506094839792441080ssh_private_key
ip-172-31-19-180.ca-central-1.compute.internal216782677137093634aws_secret_access_key
ip-172-16-31-10.ec2.internal6336969980309744348ssh_private_key
ip-10-0-5-149.ec2.internal5506094839792441080ssh_private_key
ip-10-0-5-192.ec2.internal8536655422750920941ssh_private_key
ip-10-50-11-60.ec2.internal4289947608531085312ssh_private_key
ip-172-31-18-225.ca-central-1.compute.internal6695603917103504826ssh_private_key
ip-172-31-69-98.ec2.internal5846318357252178766ssh_private_key
FortiNac-node12028872358863050201ssh_private_key
ip-10-50-11-40.ec2.internal1656144959977708298ssh_private_key
ip-172-31-19-180.ca-central-1.compute.internal216782677137093634aws_secret_access_key
ip-10-50-11-60.ec2.internal4289947608531085312ssh_private_key
FortiNac-node24787988893852278048ssh_private_key
ip-10-0-5-124.ec2.internal4234948394681180638ssh_private_key
ip-10-0-5-192.ec2.internal8536655422750920941ssh_private_key
ip-172-31-65-35.ec2.internal6003285167974367993aws_secret_access_key
ip-192-168-74-68.ec2.internal5158834657716594795ssh_private_key
ip-10-50-11-20.ec2.internal1205502313378143188ssh_private_key
ip-10-1-5-192.us-east-2.compute.internal1711733174034484178ssh_private_key
ip-172-31-19-180.ca-central-1.compute.internal216782677137093634aws_secret_access_key
FortiNac-node12028872358863050201ssh_private_key
ip-10-0-5-90.ec2.internal8217047534414232901ssh_private_key
ip-172-16-31-10.ec2.internal6336969980309744348ssh_private_key
FortiNac-node24787988893852278048ssh_private_key
ip-10-0-0-24.ec2.internal1391890404822208179ssh_private_key
ip-172-31-18-225.ca-central-1.compute.internal6695603917103504826ssh_private_key
ip-192-168-74-68.ec2.internal5158834657716594795ssh_private_key
ip-10-50-11-40.ec2.internal1656144959977708298ssh_private_key
ip-172-31-16-80.ca-central-1.compute.internal8882067935430363505ssh_private_key
ip-10-0-5-124.ec2.internal4234948394681180638ssh_private_key
ip-10-50-11-20.ec2.internal1205502313378143188ssh_private_key
ip-10-0-5-90.ec2.internal8217047534414232901ssh_private_key
FortiNac-node24787988893852278048ssh_private_key
FortiNac-node12028872358863050201ssh_private_key
ip-172-31-69-98.ec2.internal5846318357252178766ssh_private_key
ip-10-0-5-124.ec2.internal4234948394681180638ssh_private_key
ip-172-16-1-143.us-east-2.compute.internal4389931018425171806ssh_private_key
ip-172-31-100-11.ca-central-1.compute.internal338511882696796048aws_secret_access_key
ip-10-1-5-192.us-east-2.compute.internal1711733174034484178ssh_private_key
FortiNac-node24787988893852278048ssh_private_key
RAPID CLOUD ASSESSMENT REPORT — Powered by FortiCNAPP
Prepared for: Customer  ·  Report Date: Tuesday, April 28, 2026  ·  Author: Fortinet
This report is confidential and intended solely for the named recipient. Generated by the FortiCNAPP Extensible Reporting Tool.
FRTINET®
QR
fortinet.com/resources/reports/cloud-security