Welcome, Priya
Full security program — posture, findings, decisions, compliance.
81
Posture Score
▲ 17 pts over 12 weeks
Open critical
11
findings org-wide ▼ 12%
Open high
13
findings org-wide ▼ 8%
SLA breached
14
active tasks ▼ 22%
Open tasks
44
across the org ▲ 5%
Posture trend — last 12 weeks
Higher is better
Top at-risk applications
Top risks
R-003
Supply chain compromise via npm dependency
10
R-002
Cloud account takeover via leaked CI/CD credentials
9
R-006
Internal data lake PII exfiltration
9
R-008
Phishing-led credential compromise of admin
9
R-010
Legacy ledger service unpatchable critical CVE
8
SLA-breached tasks
SPMS-2024-00120
Patch openssl in container base image
critical • 40d over
SPMS-2024-00126
ISO 27001 A.12.4 — logging review
critical • 31d over
SPMS-2024-00127
Implement WAF rule for credential stuffing
high • 22d over
SPMS-2024-00132
Threat model: new checkout fraud service
critical • 41d over
SPMS-2024-00134
Address external auditor finding A-12 (vendor MFA)
high • 23d over
SPMS-2024-00140
Patch openssl in container base image
high • 21d over
Recent activity
Priya Shah approved decision DEC-011
Jenkins plugin risk acceptance
14:22
Marcus Lin triaged finding FND-0042
SQL injection in order lookup
13:51
Riley Chen submitted evidence
SPMS-2024-00135
13:40
System auto-assigned task
SPMS-2024-00139 → Aisha Banda
12:10
Sara Okafor closed task
SPMS-2024-00128 (S3 encryption)
11:05
Alex Reeves (CEO) signed risk acceptance
R-010 (Ledger CVE)
10:00
Decisions awaiting attention
DEC-002 • CEO authority
Accept residual risk on legacy ledger (R-010)
Accountable: Alex Reeves • expires 2024-12-31
DEC-011 • CISO authority
Under review — accept risk of unpatched Jenkins plugin
Accountable: Sara Okafor • expires 2024-09-20