Keensafe Compliance

Executive summary

A snapshot of risk posture for the Keensafe External Lab as of today.

Total open findings: 15
  Critical: 3
  High: 10
  Medium: 2

Top business-impacting issues

  1. SQL injection in /login (online.keensafeglobalbank.com) — internet-banking
  2. Stealer-log credential reused on /admin/login — admin-panel
  3. Hard-coded admin / admin123 + MFA accepts 0000 — admin-panel

Recommended next 30 days

  • Rotate all leaked credentials and AWS keys (CTI lkc-001..008, ghs-001).
  • Patch the SQLi sink on /login and roll JWT secret.
  • Add per-object authorisation to all /api/v1/* resource endpoints.
  • Replace hard-coded admin credentials with SSO + FIDO2.
  • Remove /backup/ exposure from corporate site.