gitex2026/AttackSurface/dist/reports/4a48e516-2320-4db3-b717-75e5a72a28b6.html
2026-04-24 20:11:23 +00:00


<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<title>Security Report - lohmar.co.uk - API Attack Surface Discovery</title>
<script src="https://cdn.tailwindcss.com/"></script>
</head>
<body class="bg-slate-900 text-slate-100 min-h-screen">
<div class="container mx-auto px-4 py-6 max-w-lg">
<!-- Header -->
<div class="text-center mb-6">
<h1 class="text-2xl font-bold bg-gradient-to-r from-blue-400 to-purple-400 bg-clip-text text-transparent">AASD</h1>
<p class="text-sm text-slate-400">API Attack Surface Discovery</p>
</div>
<!-- Report Content -->
<div class="bg-gray-900 text-gray-100 p-8 rounded-lg shadow-lg max-w-4xl mx-auto font-sans">
<!-- Scan Overview -->
<div class="mb-8 border-b border-gray-700 pb-6">
<h2 class="text-2xl font-bold text-emerald-400 mb-4">🔍 Scan Overview</h2>
<p class="text-lg leading-relaxed">
Your application at <span class="text-cyan-300 font-mono">git.sechpoint.app</span> underwent a comprehensive security assessment on <strong>24 April 2026</strong>.
The test sent <strong>816 requests</strong> covering OWASP API and Application Security categories. While the current configuration shows room for improvement,
recognizing these gaps is the <span class="text-emerald-300 font-semibold">first step toward resilience</span>.
The scan reveals exactly where your defenses need attention — empowering you to take targeted, effective action.
</p>
</div>
<!-- Key Findings -->
<div class="mb-8 border-b border-gray-700 pb-6">
<h2 class="text-2xl font-bold text-amber-400 mb-4">⚠️ Key Findings</h2>
<div class="grid grid-cols-1 md:grid-cols-2 gap-4">
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-red-500">
<p class="font-semibold text-red-300">API Security Grade: <span class="text-2xl">F</span></p>
<p class="text-sm text-gray-400">0% of true-positive attacks were blocked</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-red-500">
<p class="font-semibold text-red-300">Application Security Grade: <span class="text-2xl">F</span></p>
<p class="text-sm text-gray-400">0% of true-positive attacks were blocked</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-yellow-500">
<p class="font-semibold text-yellow-300">True-Negative Accuracy: <span class="text-xl">33.3%</span></p>
<p class="text-sm text-gray-400">94 legitimate requests were incorrectly blocked</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-purple-500">
<p class="font-semibold text-purple-300">Attack Surface Exposure</p>
<p class="text-sm text-gray-400">675 malicious requests bypassed your current security</p>
</div>
</div>
</div>
<!-- Resilience Score -->
<div class="mb-8 border-b border-gray-700 pb-6">
<h2 class="text-2xl font-bold text-cyan-400 mb-4">📊 Resilience Score: <span class="text-4xl font-black">0.0 / 100</span></h2>
<div class="bg-gray-800 rounded-lg p-5">
<div class="flex items-center gap-3 mb-3">
<div class="w-full bg-gray-700 rounded-full h-4">
<div class="bg-gradient-to-r from-red-500 via-amber-500 to-emerald-500 h-4 rounded-full" style="width: 0%;"></div>
</div>
<span class="text-sm font-bold text-red-400">Baseline</span>
</div>
<p class="text-gray-300">
Your current resilience score is at a starting point. The good news? Industry leaders like Wallarm achieve <strong>98.9%</strong> overall scores.
With continuous monitoring and the right tuning, you can rapidly climb the resilience ladder.
</p>
</div>
</div>
<!-- Remediation Recommendations -->
<div class="mb-6">
<h2 class="text-2xl font-bold text-emerald-400 mb-4">🛡️ Remediation Roadmap</h2>
<p class="text-gray-300 mb-4">
Based on this scan, your path to robust API security is clear. Here are the <span class="text-cyan-300">high-impact actions</span> to take:
</p>
<div class="space-y-3">
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-emerald-500">
<h3 class="font-bold text-emerald-300">1. Deploy Continuous API Attack Surface Monitoring</h3>
<p class="text-sm text-gray-400">Set up automated weekly scans to catch new vulnerabilities as your APIs evolve. Awareness is your first line of defense.</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-cyan-500">
<h3 class="font-bold text-cyan-300">2. Tune WAF Rules for True-Positive Detection</h3>
<p class="text-sm text-gray-400">Focus on SQL injection, XSS, and RCE payloads, all of which bypassed your current security completely in your test. Use the detailed scan report as a rules checklist.</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-amber-500">
<h3 class="font-bold text-amber-300">3. Reduce False Positives</h3>
<p class="text-sm text-gray-400">94 legitimate requests were blocked. Whitelist trusted patterns while maintaining strong attack detection — balance is key.</p>
</div>
<div class="bg-gray-800 rounded-lg p-4 border-l-4 border-purple-500">
<h3 class="font-bold text-purple-300">4. Benchmark Against Industry Leaders</h3>
<p class="text-sm text-gray-400">Top solutions detect over 97% of attacks. Your baseline of 0% means every improvement will deliver massive gains — celebrate each milestone!</p>
</div>
</div>
<div class="mt-6 bg-gradient-to-r from-gray-800 to-gray-700 rounded-lg p-5 text-center">
<p class="text-2xl font-bold text-emerald-300">💪 Your API Resilience Journey Starts Now</p>
<p class="text-gray-400 mt-2">Continuous monitoring transforms today's gaps into tomorrow's strengths.</p>
</div>
</div>
</div>
<!-- Token Reference -->
<div class="mt-6 p-4 bg-slate-800 rounded-xl text-center">
<p class="text-xs text-slate-500 mb-2">Report Token</p>
<p class="text-sm font-mono text-slate-300">4a48e516-2320-4db3-b717-75e5a72a28b6</p>
</div>
<!-- QR Code -->
<div class="mt-4 text-center">
<img src="/qrcode?text=https://aasd.sechpoint.app/reports/report_4a48e516-2320-4db3-b717-75e5a72a28b6.html" alt="QR Code" class="inline-block w-40 h-40 rounded-xl border-2 border-slate-700 bg-white p-2" loading="lazy">
<p class="text-xs text-slate-500 mt-2">Ask a consultant to scan for your detailed report</p>
</div>
<!-- CTA -->
<div class="mt-6 p-4 bg-slate-800 rounded-xl text-center border-2 border-blue-500/30">
<p class="text-sm text-slate-300">Show this code to <strong class="text-blue-400">Sechpoint Africa Team</strong></p>
<p class="text-xs text-slate-500 mt-1">Your consultant will walk you through the findings</p>
</div>
<div class="mt-6 text-center text-xs text-slate-600">
GITEX 2026 — sechpoint.app
</div>
</div>
</body>
</html>