1.4 KiB
1.4 KiB
Compliance Framework Summary
Total Findings: 712 Findings with Compliance Mappings: 712 (100.0%)
Framework Coverage
| Framework | Coverage |
|---|---|
| OWASP Top 10 2021 | 4/10 categories |
| CWE Top 25 2024 | 6/25 weaknesses |
| CIS Controls v8.1 | 7 controls |
| NIST CSF 2.0 | 1427 mappings across 4 functions |
| PCI DSS 4.0 | 5 requirements |
| MITRE ATT&CK | 4 techniques |
OWASP Top 10 2021
| Category | Findings |
|---|---|
| A01:2021 | 4 |
| A02:2021 | 42 |
| A03:2021 | 6 |
| A10:2021 | 2 |
CWE Top 25 2024 (Top 10 Most Frequent)
| CWE ID | Rank | Findings |
|---|---|---|
| CWE-798 | 18 | 41 |
| CWE-863 | 24 | 3 |
| CWE-79 | 1 | 3 |
| CWE-918 | 19 | 2 |
| CWE-20 | 4 | 1 |
| CWE-362 | 21 | 1 |
NIST Cybersecurity Framework 2.0
| Function | Findings |
|---|---|
| GOVERN | 671 |
| IDENTIFY | 671 |
| PROTECT | 82 |
| DETECT | 3 |
PCI DSS 4.0
Requirements with Findings: 5
See PCI_DSS_COMPLIANCE.md for detailed PCI DSS compliance report.
MITRE ATT&CK
Techniques Detected: 4
See attack-navigator.json for interactive ATT&CK Navigator visualization.
Top 5 Techniques:
- T1195 - Supply Chain Compromise (671 findings)
- T1552 - Unsecured Credentials (41 findings)
- T1078 - Valid Accounts (41 findings)
- T1190 - Exploit Public-Facing Application (3 findings)
Generated by JMo Security Audit Tool Suite