1 Service Accounts
1 Workloads
29 Bindings
1 Critical
28 Low
Description
Wiz Sensor helm chart
Overview
| Identity | Namespace | Automount | Secrets | Permissions | Workloads | Risk |
|---|---|---|---|---|---|---|
wiz-sensor | default | ❌ | — | 29 | 1 | Critical |
Numbers in the last two columns indicate how many bindings or workloads involve each ServiceAccount.
Identities
🤖 wiz-sensor
Namespace: default | Automount: ❌
🔑 Permissions (29)
| Role | Resource | Verbs | Risk | Tags |
|---|---|---|---|---|
Role wiz-sensor-namespace-role | core/secrets | get · list · watch | Critical | CredentialAccess DataExposure InformationDisclosure SecretAccess |
ClusterRole wiz-sensor | apps/cronjobs | get | Low | |
ClusterRole wiz-sensor | batch/cronjobs | get | Low | |
ClusterRole wiz-sensor | core/cronjobs | get | Low | |
ClusterRole wiz-sensor | apps/daemonsets | get | Low | |
ClusterRole wiz-sensor | batch/daemonsets | get | Low | |
ClusterRole wiz-sensor | core/daemonsets | get | Low | |
ClusterRole wiz-sensor | apps/deployments | get | Low | |
ClusterRole wiz-sensor | batch/deployments | get | Low | |
ClusterRole wiz-sensor | core/deployments | get | Low | |
ClusterRole wiz-sensor | apps/jobs | get | Low | |
ClusterRole wiz-sensor | batch/jobs | get | Low | |
ClusterRole wiz-sensor | core/jobs | get | Low | |
ClusterRole wiz-sensor | apps/namespaces | get | Low | |
ClusterRole wiz-sensor | batch/namespaces | get | Low | |
ClusterRole wiz-sensor | core/namespaces | get | Low | |
ClusterRole wiz-sensor | apps/nodes | get | Low | |
ClusterRole wiz-sensor | batch/nodes | get | Low | |
ClusterRole wiz-sensor | core/nodes | get | Low | |
ClusterRole wiz-sensor | core/pods | get · list · watch | Low | |
ClusterRole wiz-sensor | apps/replicasets | get | Low | |
ClusterRole wiz-sensor | batch/replicasets | get | Low | |
ClusterRole wiz-sensor | core/replicasets | get | Low | |
ClusterRole wiz-sensor | apps/replicationcontrollers | get | Low | |
ClusterRole wiz-sensor | batch/replicationcontrollers | get | Low | |
ClusterRole wiz-sensor | core/replicationcontrollers | get | Low | |
ClusterRole wiz-sensor | apps/statefulsets | get | Low | |
ClusterRole wiz-sensor | batch/statefulsets | get | Low | |
ClusterRole wiz-sensor | core/statefulsets | get | Low |
⚠️ Potential Abuse (2)
The following security risks were found based on the above permissions:
📦 Workloads (1)
| Kind | Name | Container | Image |
|---|---|---|---|
| DaemonSet | wiz-sensor | wiz-sensor | wizio.azurecr.io/sensor:v1 |