Service Analysis

Top Services by Findings

15 most active services ranked by total finding count, color-coded by provider

Top 15 Services by Finding Count

Vertical bar chart showing services with the most security findings. Bars are color-coded by their cloud provider: AWS, Azure, K8s, GitHub.

Service Detail Breakdown

Complete breakdown showing pass/fail counts, severity distribution, and provider association for each top service.

Rank Service Provider Total Pass Fail Pass Rate Dominant Severity
1 IAM AWS 180 92 88 51.1% Medium
2 RBAC K8s 170 105 65 61.8% High
3 Repository GitHub 120 11 109 9.2% High
4 EC2 AWS 80 42 38 52.5% Medium
5 Storage Azure 70 22 48 31.4% High
6 VM Azure 60 18 42 30.0% High
7 S3 AWS 50 30 20 60.0% Medium
8 Network K8s 40 28 12 70.0% High
9 CloudTrail AWS 35 20 15 57.1% Medium
10 Secrets Manager AWS 30 18 12 60.0% Medium
11 VPC AWS 25 12 13 48.0% High
12 Config AWS 25 10 15 40.0% Medium
13 GuardDuty AWS 20 8 12 40.0% High
14 Monitor Azure 20 5 15 25.0% High
15 Key Vault Azure 15 4 11 26.7% High

Service Distribution by Provider

Key Insights

AWS IAM Dominates

IAM is the single largest source of findings (180), which is typical in AWS environments. Identity misconfigurations are the most common root cause of cloud breaches. Prioritizing IAM hardening provides the highest security return.

GitHub Repositories: Worst Pass Rate

Repository service has the lowest pass rate (9.2%) of any service in the top 15. This directly reflects the missing branch protection and security features across 12 of 13 repositories.

Azure Services Uniformly Low

All Azure services (Storage, VM, Monitor, Key Vault) show pass rates below 35%. This indicates systemic configuration gaps rather than isolated issues, suggesting Azure governance policies need comprehensive review.

K8s Network: Strong Performance

Kubernetes Network service achieves 70% pass rate, indicating well-configured network policies. The RBAC service at 61.8% is reasonable but the remaining wildcard permissions create significant privilege escalation risks.