[{"id":"ghs-001","source":"GitHub public push-event scanner (LAB)","discovered_at":"2026-04-30T22:11:00Z","confidence_score":96,"severity":"critical","affected_asset":"git.keensafeglobalbank.com / partner SDK","evidence":"https://github.com/ext-partner/keensafe-payouts/blob/c0ffee/src/.env — AKIAFAKEKEYONLY12345 / FAKEsecret/Lab+OnlyDoNotUseInProductionAA","recommended_action":"Rotate AWS keys; file GitHub takedown; revoke key in IAM.","mitre_mapping":["T1552.001"],"compliance_mapping":["NIST 800-53 IA-5","PCI-DSS 6.3.1"]},{"id":"ghs-002","source":"TruffleHog scan (LAB)","discovered_at":"2026-04-29T13:42:00Z","confidence_score":90,"severity":"high","affected_asset":"internal-jenkins-job","evidence":"JWT_SECRET=keensafe-lab-jwt-supersecret-2025 in `infra-pipelines/jenkins/Jenkinsfile`","recommended_action":"Rotate JWT secret; force re-authentication; review token issuance window.","mitre_mapping":["T1552.001","T1606.001"],"compliance_mapping":["NIST CSF PR.DS-1"]},{"id":"ghs-003","source":"GitGuardian webhook (LAB)","discovered_at":"2026-04-27T05:08:00Z","confidence_score":88,"severity":"high","affected_asset":"ext-partner repo / Slack webhook","evidence":"Slack webhook https://hooks.slack.com/services/T0FAKE/B0FAKE/fakeWebhookOnlyForLab","recommended_action":"Revoke webhook; notify Slack workspace owner.","mitre_mapping":["T1552.001"],"compliance_mapping":["ISO 27001 A.8.24"]},{"id":"ghs-004","source":"GitHub gist scanner (LAB)","discovered_at":"2026-04-26T19:01:00Z","confidence_score":70,"severity":"medium","affected_asset":"developer-portal repo","evidence":"Hardcoded API key ks-pub-FAKE-7d2c0a3b1e8f9c2d3f4a5b6c7d8e9f0a in /samples docs","recommended_action":"Rotate the partner key; replace docs sample with placeholder.","mitre_mapping":["T1552.001"],"compliance_mapping":["PCI-DSS 6.3.1"]}]