Risk Categories

The Risk Categories on the Security Posture page illustrate the distribution of detected risks across different categories. Each category's proportion is calculated based on the number of risks detected out of the total number of potential risks the system can detect in that category. It provides insight into which areas are most impacted by security issues and helps prioritize remediation efforts accordingly.

The nine risk categories that Panoptica identifies (in alphabetical order):

  • Credential Exposure – Any exposed credentials, such as unencrypted passwords, access keys, API keys and tokens, or SSH keys
  • Data Security - A misconfiguration in your data services, such as buckets or databases
  • DNS Security - A misconfiguration that may allow an attacker to perform a subdomain takeover, usually caused by a DNS that is not directing to any resource on the cloud side
  • Identity and Access Management – This may include over-permissive permission, “shadow admins”, or users who were given admin permissions by mistake
  • Insecure Configuration - This may include unencrypted objects or databases, insecure network settings, backups not enabled, or any number of misconfigurations resulting from human error, dangerous defaults, or risky and weak configurations
  • Malware Infected Workload - Panoptica leverages third-party threat intelligence to identify any anomalies and real-time threats
  • Neglected Resource – Resources in your cloud environment that are unused, or not associated to any other resource
  • Public Exposure – storage, databases, or other resources that are hosted on a public cloud
  • Unsupported Software – Software that has reached End of Life (EoL), or End of Support (EoS)

Please see the Risk Findings Catalog for a complete list of the risks and security issues that Panoptica can identify.