Risk Register
13 risks tracked across your organization
Total Risks
13
All tracked risks
Critical / High
8
62% of total risks
Under Mitigation
12
Active treatment: mitigate
Avg Risk Score
16.8
High
| RISK-001 | Complete Account Takeover via Root Access Keys Two active root access keys exist with unrestricted permissi… | Identity & Access | 5×525 | Active | Mitigate | Ashish Mathur | Mar 19, 2026 39d overdue | |
| RISK-002 | Zero Audit Trail — Undetectable Malicious Activity Without CloudTrail, all API calls go unlogged. An attacker (… | Logging & Monitoring | 5×525 | Active | Mitigate | Ashish Mathur | Mar 19, 2026 39d overdue | |
| RISK-012 | DPDP Act Non-Compliance — Penalties up to ₹250 Cro… Complete non-compliance with India DPDP Act 2023. No DPO app… | Regulatory Compliance | 5×525 | Active | Mitigate | Ashish Mathur | Mar 23, 2026 35d overdue | |
| RISK-003 | No Threat Detection Capability Neither SecurityHub nor GuardDuty is enabled. The account ha… | Security Operations | 4×520 | Active | Mitigate | Ashish Mathur | Mar 23, 2026 35d overdue | |
| RISK-004 | Credential Compromise Due to No Password Policy No password policy is configured. When IAM users are eventua… | Identity & Access | 5×420 | Active | Mitigate | Ashish Mathur | Mar 20, 2026 38d overdue | |
| RISK-011 | Regulatory Non-Compliance Across All Frameworks The account fails to meet baseline requirements across CIS A… | Compliance | 5×420 | Active | Mitigate | Ashish Mathur | Mar 20, 2026 38d overdue | |
| RISK-013 | Personal Data Breach Without Detection or Response No breach detection (SecurityHub/GuardDuty disabled), no Clo… | Incident Response | 4×520 | Active | Mitigate | Ashish Mathur | Mar 23, 2026 35d overdue | |
| RISK-006 | No Encryption Key Management No customer-managed KMS keys exist. Any data stored in S3, E… | Data Protection | 4×416 | Active | Mitigate | Ashish Mathur | Mar 26, 2026 32d overdue | |
| RISK-005 | Network Exposure — All Subnets Public All 6 subnets auto-assign public IPs. Any workload deployed … | Network Security | 3×412 | Active | Mitigate | Ashish Mathur | Mar 26, 2026 32d overdue | |
| RISK-007 | No Network Traffic Visibility VPC Flow Logs are disabled. There is zero visibility into ne… | Logging & Monitoring | 4×312 | Active | Mitigate | Ashish Mathur | Mar 23, 2026 35d overdue |