Interactive Demo (sample data only)

Findings

Every finding ranked by dollar loss. Click filters to re-sort.

Total Annual Loss Exposure: $6,480,000
Sum of per-finding ALE (mode) across 15 visible findings
critical

AWS access key committed to shared OneNote

Page "AWS Runbook" in the Engineering Team Notebook contains an AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY pair. Notebook shared with 47 users.

SharePoint·/Team Notebook/Infrastructure/AWS Runbook.one·2 days ago
ALE (mode): $1,144,000 · Range: $650,000 to $2,200,000
critical

1,847 credit card numbers in customers-export.csv

File contains 1,847 unique credit card numbers (PCI scope). Shared with an anonymous link that has not expired.

SharePoint·/Shared Documents/Exports/customers-export.csv·14 days ago
ALE (mode): $936,000 · Range: $480,000 to $1,800,000
critical · KEV

XZ Utils backdoor (CVE-2024-3094) in OpenSSH

Malicious code injected into XZ Utils 5.6.0/5.6.1 can bypass SSH authentication on internet-facing hosts. KEV-listed.

Vulnerability Scan·nw-jumphost-01.northwind.internal·3 days ago
ALE (mode): $832,000 · Range: $520,000 to $1,400,000
critical

Storage account allows public blob access

Storage account 'nwcustexports' has public blob access enabled AND contains data tagged data_class=pii.

Cloud Scan·nwcustexports (Azure Blob)·7 days ago
ALE (mode): $780,000 · Range: $380,000 to $1,500,000
critical

5 employee SSNs exposed in Q4-financials.xlsx

File contains 5 unique US SSNs in Sheet1, columns B-E. Permissions: Finance Team (18 members), anyone with the link.

SharePoint·/Shared Documents/Reports/Q4-financials.xlsx·6 days ago
ALE (mode): $780,000 · Range: $320,000 to $1,600,000
critical · KEV

SMBv3 RCE (CVE-2020-0796 / SMBGhost)

Unauthenticated remote code execution in SMBv3 on a Windows Server 2019 host accepting external traffic.

Vulnerability Scan·nw-files-03.northwind.internal·5 days ago
ALE (mode): $512,000 · Range: $280,000 to $980,000
high

SQL Server firewall allows 0.0.0.0/0

The nw-orders-db firewall rule permits inbound connections from any IP address on port 1433, so anyone on the public internet can attempt authentication.

Cloud Scan·nw-orders-db (Azure SQL)·9 days ago
ALE (mode): $340,000 · Range: $180,000 to $680,000
high

PHI in patient-intake-Q3.pdf (HIPAA scope)

Form contains patient names, DOBs, diagnoses, and insurance IDs for 23 patients. External guest access enabled.

SharePoint·/Shared Documents/Patient Intake/patient-intake-Q3.pdf·9 days ago
ALE (mode): $320,000 · Range: $150,000 to $640,000
high

Key Vault purge protection disabled

Production Key Vault lacks purge protection. Soft-deleted secrets could be permanently purged before the recovery window expires.

Cloud Scan·nw-prod-kv·12 days ago
ALE (mode): $210,000 · Range: $95,000 to $440,000
high

Azure SQL connection string in deployment runbook

Production Azure SQL connection string with an embedded password is in a broadly shared .docx file.

SharePoint·/Shared Documents/Deployments/Production Deploy Runbook.docx·21 days ago
ALE (mode): $186,000 · Range: $85,000 to $380,000
high · KEV

Log4Shell (CVE-2021-44228) in web service

Vulnerable Log4j 2.14.1 detected via authenticated scan on internal order-api service.

Vulnerability Scan·nw-order-api.northwind.internal·18 days ago
ALE (mode): $156,000 · Range: $75,000 to $310,000
high

Passport numbers in travel-authorization.xlsx

Spreadsheet contains passport numbers for 34 employees plus DOBs and home addresses.

SharePoint·/HR Documents/Travel/travel-authorization-2026.xlsx·11 days ago
ALE (mode): $128,000 · Range: $52,000 to $260,000
high

Anonymous link on Legal/Contracts folder

Folder containing 847 executed contracts has an anonymous-access share link. Anyone with the URL can read everything in it.

SharePoint·/Legal/Contracts/·4 days ago
ALE (mode): $92,000 · Range: $38,000 to $184,000
medium

Stale user account with active SSH key on jump host

User account has not signed in for 187 days but retains SSH key authorization on nw-jumphost-01.

Cloud Scan·nw-jumphost-01·30 days ago
ALE (mode): $42,000 · Range: $18,000 to $86,000
medium

CloudTrail logs retained for only 30 days

Audit logging retention below SOC 2 CC7.2 minimum of 1 year.

Cloud Scan·nw-prod-subscription·22 days ago
ALE (mode): $22,000 · Range: $8,000 to $48,000