Risk Categories

The Risk Categories on the Security Posture page illustrate the distribution of detected risks across different categories. Each category's proportion is calculated based on the number of risks detected out of the total number of potential risks the system can detect in that category. This provides insight into which areas are most impacted by security issues and helps prioritize remediation efforts accordingly.

Panoptica identifies the following risk categories:

  • Data Exposure
    Storage, databases, and cloud analytics services that can be accessed by unauthorized entities.
  • DNS Security
    A misconfiguration that can allow an attacker to perform a subdomain takeover, usually caused by a DNS that is not directing to any resource on the cloud side.
  • Inadequate Authentication & Authorization
    Weak or insecure authentication methods that can result in compromised identities.
  • Inadequate Logging & Backup
    Lack of recording system or application activities and insufficient backup that can compromise data recovery capabilities.
  • Insecure Configuration
    Unencrypted objects or databases, insecure network settings, backups not enabled, dangerous defaults, risky and weak configurations, or other misconfigurations resulting from human error.
  • Insufficient Encryption
    Inadequate or missing encryption that can expose data to unauthorized access or interception.
  • Insufficient Monitoring
    Inadequate or incomplete logs and audit trails for access or management actions, such as configuration changes, permissions changes, and data manipulation.
  • Malware Infected Workload
    Panoptica leverages third-party threat intelligence to identify any anomalies and real-time threats.
  • Neglected Resource
    Resources in your cloud environment that are unused or not associated to any other resource.
  • Permissive Access
    Excessive permissions that could allow users to escalate their privileges in the system.
  • Public Exposure
    Storage, databases, or other resources that are hosted on a public cloud.
  • Secret Exposure
    Exposed credentials, such as unencrypted passwords, access keys, API keys and tokens, or SSH keys.
  • Unsupported Software
    Software that has reached End of Life (EoL), or End of Support (EoS).

For a complete list of the risks and security issues that Panoptica can identify, see the Risk Findings Catalog.