Files
carmanagement/results/summaries/COMPLIANCE_SUMMARY.md
T
2026-05-21 12:35:49 -04:00

1.4 KiB

Compliance Framework Summary

Total Findings: 712 Findings with Compliance Mappings: 712 (100.0%)

Framework Coverage

Framework Coverage
OWASP Top 10 2021 4/10 categories
CWE Top 25 2024 6/25 weaknesses
CIS Controls v8.1 7 controls
NIST CSF 2.0 1427 mappings across 4 functions
PCI DSS 4.0 5 requirements
MITRE ATT&CK 4 techniques

OWASP Top 10 2021

Category Findings
A01:2021 4
A02:2021 42
A03:2021 6
A10:2021 2

CWE Top 25 2024 (Top 10 Most Frequent)

CWE ID Rank Findings
CWE-798 18 41
CWE-863 24 3
CWE-79 1 3
CWE-918 19 2
CWE-20 4 1
CWE-362 21 1

NIST Cybersecurity Framework 2.0

Function Findings
GOVERN 671
IDENTIFY 671
PROTECT 82
DETECT 3

PCI DSS 4.0

Requirements with Findings: 5

See PCI_DSS_COMPLIANCE.md for detailed PCI DSS compliance report.

MITRE ATT&CK

Techniques Detected: 4

See attack-navigator.json for interactive ATT&CK Navigator visualization.

Top 5 Techniques:

  1. T1195 - Supply Chain Compromise (671 findings)
  2. T1552 - Unsecured Credentials (41 findings)
  3. T1078 - Valid Accounts (41 findings)
  4. T1190 - Exploit Public-Facing Application (3 findings)

Generated by JMo Security Audit Tool Suite