Evidence Room

The Evidence Room is RAD Security’s centralized repository where all raw security findings are correlated, collected, and analyzed. This is where you can view and investigate the complete picture of your security posture across all environments.

Security Finding Categories

The Evidence Room organizes security findings into five main categories:

CVEs - Container and software vulnerabilities with severity ratings and exploitability scores
Cloud Misconfigs - Cloud infrastructure misconfigurations and compliance violations
Kubernetes Misconfigs - Kubernetes cluster misconfigurations and policy violations
Runtime Threats - Real-time threats detected in your running applications and services
Identity Misconfigs - Identity and access management misconfigurations and policy violations

Key Features

🔍 Advanced Filtering

Filter findings by severity, exploitability, fix status, and impact. Use EPSS scores to prioritize the most likely to be exploited vulnerabilities.

📊 Impact Analysis

See exactly which workloads, clusters, and images are affected by each finding. Understand the blast radius of potential security issues.

🎯 Prioritization

Known Exploited Vulnerabilities (KEV) are automatically flagged. EPSS scores help identify vulnerabilities most likely to be exploited in the wild.

🔗 Correlation

RAD correlates findings across all your data sources to provide context and reduce false positives. Related findings are grouped together for easier investigation.

Finding Types

Container & Software Vulnerabilities (CVEs)

Track vulnerabilities in your container images and software dependencies:

CVE/GHSA IDs - Standard vulnerability identifiers
Severity Ratings - Critical, High, Medium, Low classifications
EPSS Scores - Exploit Prediction Scoring System for prioritization
Fix Status - Whether patches are available and applied
Impact Scope - Which workloads and images are affected

Cloud Misconfigurations

Identify security gaps in your cloud infrastructure:

Compliance Violations - CIS, NIST, SOC2 framework violations
Resource Misconfigurations - Public buckets, overly permissive policies
Network Security - Open ports, insecure protocols
Identity & Access - Excessive permissions, unused credentials

Kubernetes Misconfigurations

Detect security issues in your Kubernetes clusters:

Pod Security - Privileged containers, host network access
RBAC Violations - Overly permissive service accounts
Network Policies - Missing or inadequate network segmentation
Resource Limits - Missing CPU/memory constraints

Runtime Threats

Monitor active threats in your running applications:

Malicious Processes - Suspicious binary execution
Network Anomalies - Unusual traffic patterns
File System Changes - Unauthorized modifications
Container Escapes - Privilege escalation attempts

Identity Misconfigurations

Track identity and access management issues:

Excessive Permissions - Over-privileged users and service accounts
Unused Credentials - Dormant accounts and API keys
MFA Violations - Accounts without multi-factor authentication
Access Patterns - Unusual login times and locations

Pro Tip: Use the Evidence Room to get a complete picture of your security posture. Start with high-severity findings and work your way down, focusing on items that are actively being exploited in the wild.

Next Steps

Review Security Findings

Investigate high-priority security findings

Configure AI Workers

Set up automated security analysis and response

Connect Data Sources

Integrate additional security tools for comprehensive coverage

Access Knowledge Base

Upload security documentation and incident procedures

Getting Started

Platform

Data Sources

Security & Compliance

Resources

Security Finding Categories

Key Features

Finding Types

Container & Software Vulnerabilities (CVEs)

Cloud Misconfigurations

Kubernetes Misconfigurations

Runtime Threats

Identity Misconfigurations

Next Steps

Review Security Findings

Configure AI Workers

Connect Data Sources

Access Knowledge Base

Getting Started

Platform

Data Sources

Security & Compliance

Resources

​Security Finding Categories

​Key Features

​Finding Types

​Container & Software Vulnerabilities (CVEs)

​Cloud Misconfigurations

​Kubernetes Misconfigurations

​Runtime Threats

​Identity Misconfigurations

​Next Steps

Review Security Findings

Configure AI Workers

Connect Data Sources

Access Knowledge Base

Security Finding Categories

Key Features

Finding Types

Container & Software Vulnerabilities (CVEs)

Cloud Misconfigurations

Kubernetes Misconfigurations

Runtime Threats

Identity Misconfigurations

Next Steps