US-066US-068US-069US-070US-071US-111US-119
Security Dashboard
acmecorp.com · SOC Pro · 8 layers active · Last scan completed 07:02 today
Live · Updated 07:14:52
Industry Benchmark US-111, FR-099
Your score 68 vs 61 average for Financial Services (50–200 employees). Top quartile: 74+.
Security Score
68/100
Grade: C+ ↑ +4
Open Findings
12
3 Critical · 4 High
Financial Exposure
£47,200
↓ £8,400 from last scan
Active Agents (L7/L8)
12/12
100% coverage
Compliance Score
67%
Avg across 5 frameworks ↑ 3%
Layers Active
8/8
L1–L8 all monitored
Security Health Score
68
/100
Scanning Layer Status · Real-time
L1
External Recon
7 findings · 8m ago
L2
Web AppSec
11 findings · 2h ago
L3
Mobile
No APK uploaded
L4
API Security
5 findings · 1d ago
L5
Compliance
GDPR 78% · PCI 61%
L6
Cloud Posture
8 findings · 3h ago
L7
SOC / SIEM
12 agents · 3 alerts
L8
Malware D&R
⚠ 1 needs approval
Financial Risk
Total Estimated Exposure
£47,200
£28K
Data breach
£12K
Regulatory
£7.2K
Downtime
Top Risk Contributors
SQL Injection (L2)
£18,000
Subdomain Takeover (L1)
£10,000
BOLA / IDOR (L4)
£9,200
S3 Public Bucket (L6)
£5,400
Security Score Trend · 12 weeks
Score
Findings
Start: 52
+16 pts improvement
Today: 68
Compliance Posture
View details →
78%
GDPR
↑ 2%
61%
PCI-DSS
↑ 5%
55%
ISO 27001
↑ 1%
50%
SOC2
↓ 1%
40%
CE+
↑ 8%
🤖 AI Engine
84%
Cache hit rate
$4.82
AI cost June
1.4s
Avg triage time
127
Analyses (June)
Modelclaude-sonnet-4-6
Cached tokens633K
Saved vs no-cache~$21.00
Monthly cap$50.00
Active Findings · 12 open
View all →
| Finding | Layer | Severity | Exposure | Status | Action |
|---|---|---|---|---|---|
SQL Injection — /api/search |
L2 | CRITICAL | £18,000 | Open | |
BOLA — /orders/{id} access control |
L4 | CRITICAL | £9,200 | Open | |
Subdomain takeover — staging.acmecorp.com |
L1 | CRITICAL | £10,000 | Open | |
IAM privilege escalation — dev-ci-role |
L6 | HIGH | £6,800 | Open | |
DMARC policy set to 'none' |
L1 | HIGH | £9,500 | In Progress | |
3 S3 buckets with public access enabled |
L6 | HIGH | £5,400 | Open | |
No rate limiting on /auth/login |
L4 | HIGH | £3,800 | Open |
Activity Timeline · Today
Webshell detected — PROD-WEB-01
PHP webshell in /wp-content/uploads/ · Awaiting approval
SOAR blocked 185.220.101.42
SSH brute force — 47 attempts blocked by iptables
L1 recon scan completed
acmecorp.com · 7 findings · Score 68 (+4)
FIM alert — /etc/passwd modified
DEV-LAPTOP-04 · New user entry added · Under review
Jane Doe logged in
82.44.12.19 · MFA verified
HSTS header remediation applied
L1-HDR-002 marked resolved by J.Smith
Malware auto-quarantined
Trojan.GenericKD · DEV-LAPTOP-04 · Conf 98%
SOC Live Alert Feed · L7/L8
SOC Console →
CRITICAL
PROD-WEB-01
07:14:32
PHP Webshell detected — awaiting human approval
ClamAV: PHP.Webshell.Generic-19 · YARA: webshell_php_generic_cmd · VT: 58/70 · AI conf: 97%
HIGH
PROD-WEB-01
07:02:11
SSH brute force — 47 failed logins in 60s
Source: 185.220.101.42 (Tor exit node) · SOAR auto-blocked via iptables · MITRE: T1110
Auto-Resolved
MEDIUM
DEV-LAPTOP-04
06:58:01
FIM — /etc/passwd file modified
New entry added by root · SHA256: a3f9b2… → 1c4d8f… · Rule 550
Under Review
LOW
ALL AGENTS
06:30:00
Nightly ClamAV scan completed — 12/12 agents
0 threats found on 11 agents · 1 detection on PROD-WEB-01 (see above)
Complete
Findings by Layer
L1
Ext. Recon
7 findings
L2
Web AppSec
11 findings
L3
Mobile
No scan
L4
API
5 findings
L5
Compliance
12 gaps
L6
Cloud
8 findings
L7
SOC/SIEM
3 alerts
L8
Malware
1 ⚠
Top Actions
1
Review webshell
⚠Urgent
2
Fix SQL injection
£18Kat risk
3
Fix BOLA on API
£9.2Kat risk
4
Reclaim subdomains
£10Kat risk
5
Block S3 public access
£5.4Kat risk