Attack Paths, Proof & Fixes— all in one place
Only the critical risks — with fixes, attack paths, and audit-ready evidence & ready-to-run playbooks so risks close fast and don’t come back.
New AI agent accessing SSN
Actor
Third party
Risk
1.24M rows
(PII: SSN)
Context
First-seen accessor · off-hours 02:13am PST
Fix
Quarantine agent
Restrict to payroll_comp
Require approval & justification
Excess privileges (least-fix)
Actor
Target
Risk
WRITE/DDL unused → over-privileged service
Context
Observed SELECT only (30d)
Fix
Drop WRITE/DDL; keep READ via role
purchase_reader
Write outside change window
Actor
Target
Risk
Unapproved production write.
UPDATE changed 8,412 rows (SSN)
Context
Change window closed · off-hours 02:13 UTC
Fix
Roll back_RW-002
Open ticket CHG-1027
Compliance breach
Actor
Target
Mapped
NIST AC-6 · SOX 404 · GDPR Art. 30
Risk
DDL performed on transaction data
Context
Admin account Delete operation
Fix
Attach evidence for audit·
Revoke Excess grants