Provider Scoring

Provider Security Gauges

Half-doughnut gauge charts showing security pass rates for each cloud provider

Security Pass Rate Gauges

Each gauge represents the percentage of security checks that passed for a given provider. The color reflects the severity of the score: green (>75%), orange (40-75%), red (<40%), dark red (<15%).

Amazon Web Services
57.7%
525 total | 303 pass | 222 fail
3 Crit | 34 High | 185 Med | 57 Low

Microsoft Azure
30.7%
205 total | 63 pass | 142 fail
110 High | 32 Med

Kubernetes
87.4%
2,431 total | 2,125 pass | 306 fail
306 High

GitHub
9.2%
184 total | 17 pass | 167 fail
13 Crit | 154 High

Provider Comparison Analysis

Kubernetes: Best Performer (87.4%)

Kubernetes achieves the highest pass rate across all providers with 2,125 out of 2,431 checks passing. The 306 remaining failures are all classified as High severity, primarily related to RBAC wildcard permissions and pod security standards. Kubernetes benefits from a more focused check scope, but the remaining failures represent significant cluster-level risks that could enable lateral movement if exploited.

AWS: Moderate Risk (57.7%)

AWS sits in the middle with 303 passes out of 525 total checks. The provider shows the broadest severity distribution, with findings ranging from Critical (3) through Low (57). The Medium severity findings (185) dominate, indicating numerous configuration gaps that individually pose moderate risk but collectively weaken the security posture significantly. IAM configuration issues account for approximately 40% of all AWS findings.

Azure: High Risk (30.7%)

Azure's 30.7% pass rate reflects a significant security gap with 142 failed checks out of 205 total. The majority (110) are classified as High severity, concentrated around disk encryption (missing customer-managed keys), network security groups, and authentication configuration. Azure requires the most proportional improvement effort relative to its check count.

GitHub: Critical Risk (9.2%)

GitHub represents the most severe security gap at a 9.2% pass rate, with only 17 of 184 checks passing. 13 findings are Critical severity, primarily related to missing branch protection (12 of 13 repositories) and absent organization-level MFA enforcement. The remaining 154 High-severity findings cover missing secret scanning, inactive Dependabot, and lack of code signing. GitHub is the weakest link in the supply chain and should be the top priority for Phase 1 remediation.

Provider   | Total | Pass  | Fail | Pass Rate | Risk Level | Priority
Kubernetes | 2,431 | 2,125 | 306  | 87.4%     | Low        | Phase 2
AWS        | 525   | 303   | 222  | 57.7%     | Moderate   | Phase 1-2
Azure      | 205   | 63    | 142  | 30.7%     | High       | Phase 2
GitHub     | 184   | 17    | 167  | 9.2%      | Critical   | Phase 1