{"client":{"company":"TechBud Sp. z o.o.","greeting":"Cze\u015b\u0107, oto stan bezpiecze\u0144stwa Twojej firmy","location":"Polska","name":"Jan Kowalski","plan":"Shield Pro"},"devices":[{"device_type":"router","hostname":"fw-main","id":"device_001","ip":"10.0.1.1","issues":["Admin panel na domy\u015blnym porcie"],"last_seen":"2026-02-09 10:30:00","mac":"A4:91:B1:XX:XX:XX","model":"FortiGate 60F","open_ports":[22,443,541],"os":"FortiOS 7.2","services":[{"port":22,"service":"SSH","version":"OpenSSH 8.4"},{"port":443,"service":"HTTPS","version":"Admin Panel"}],"status":"warning","vendor":"Fortinet"},{"device_type":"server","hostname":"srv-dc01","id":"device_002","ip":"10.0.1.10","issues":["SMBv1 w\u0142\u0105czone (EternalBlue!)","LDAP signing wy\u0142\u0105czone","RDP bez NLA"],"last_seen":"2026-02-09 10:30:00","mac":"00:1A:2B:XX:XX:XX","model":"PowerEdge R640","open_ports":[53,88,135,389,445,636,3389],"os":"Windows Server 2019","services":[{"port":53,"service":"DNS","version":"Windows DNS"},{"port":389,"service":"LDAP","version":"AD DS"},{"port":445,"service":"SMB","version":"SMBv1 enabled!"},{"port":3389,"service":"RDP","version":"Windows RDP"}],"status":"critical","vendor":"Dell"},{"device_type":"server","hostname":"srv-db01","id":"device_003","ip":"10.0.1.11","issues":["PostgreSQL z domy\u015blnym has\u0142em!","SSH banner ujawnia wersj\u0119"],"last_seen":"2026-02-09 10:30:00","mac":"3C:EF:8C:XX:XX:XX","model":"ProLiant DL380 Gen10","open_ports":[22,5432],"os":"Ubuntu 22.04 LTS","services":[{"port":22,"service":"SSH","version":"OpenSSH 8.9"},{"port":5432,"service":"PostgreSQL","version":"14.2"}],"status":"critical","vendor":"HP"},{"device_type":"server","hostname":"srv-web01","id":"device_004","ip":"10.0.1.12","issues":["S\u0142abe algorytmy SSH","Brak HSTS"],"last_seen":"2026-02-09 10:30:00","mac":"3C:EF:8C:XX:XX:YY","model":"PowerEdge R440","open_ports":[22,80,443],"os":"Debian 12","services":[{"port":80,"service":"HTTP","version":"nginx 1.18"},{"port":443,"service":"HTTPS","version":"nginx 1.18"},{"port":22,"service":"SSH","version":"OpenSSH 9.2"}],"status":"warning","vendor":"Dell"},{"device_type":"server","hostname":"srv-mail01","id":"device_005","ip":"10.0.1.13","issues":["Open mail relay!","Brak SPF/DKIM"],"last_seen":"2026-02-09 10:30:00","mac":"B8:27:EB:XX:XX:XX","model":"ProLiant ML350","open_ports":[22,25,587,993],"os":"Ubuntu 20.04 LTS","services":[{"port":25,"service":"SMTP","version":"Postfix"},{"port":587,"service":"Submission","version":"Postfix"},{"port":993,"service":"IMAPS","version":"Dovecot"}],"status":"high","vendor":"HP"},{"device_type":"network","hostname":"sw-core01","id":"device_006","ip":"10.0.1.2","issues":["SNMP community: public","Telnet w\u0142\u0105czony"],"last_seen":"2026-02-09 10:30:00","mac":"00:11:32:XX:XX:XX","model":"Catalyst 2960","open_ports":[22,161],"os":"IOS 15.2","services":[{"port":22,"service":"SSH","version":"Cisco SSH"},{"port":161,"service":"SNMP","version":"v2c"}],"status":"high","vendor":"Cisco"},{"device_type":"computer","hostname":"pc-jkowalski","id":"device_007","ip":"10.0.2.101","issues":["RDP bez NLA","Brak BitLocker"],"last_seen":"2026-02-09 10:30:00","mac":"B8:27:EB:XX:XX:YY","model":"OptiPlex 7090","open_ports":[135,139,445,3389],"os":"Windows 11 Pro","services":[{"port":3389,"service":"RDP","version":"Windows RDP"},{"port":445,"service":"SMB","version":"SMBv3"}],"status":"high","vendor":"Dell"},{"device_type":"computer","hostname":"pc-anowak","id":"device_008","ip":"10.0.2.102","issues":["Brak EDR"],"last_seen":"2026-02-09 10:30:00","mac":"B8:27:EB:XX:XX:ZZ","model":"ThinkCentre M90","open_ports":[135,139,445],"os":"Windows 11 Pro","services":[{"port":445,"service":"SMB","version":"SMBv3"}],"status":"low","vendor":"Lenovo"},{"device_type":"computer","hostname":"mac-mwisniewski","id":"device_009","ip":"10.0.2.103","issues":[],"last_seen":"2026-02-09 10:30:00","mac":"F0:18:98:XX:XX:XX","model":"MacBook Pro M2","open_ports":[],"os":"macOS Sonoma 14.3","services":[],"status":"ok","vendor":"Apple"},{"device_type":"printer","hostname":"prn-hp-laser01","id":"device_010","ip":"10.0.3.50","issues":["Panel bez has\u0142a","Stary firmware"],"last_seen":"2026-02-09 10:30:00","mac":"00:17:A5:XX:XX:XX","model":"LaserJet Pro M404","open_ports":[80,443,9100],"os":"HP Firmware","services":[{"port":80,"service":"HTTP","version":"HP Web Admin"},{"port":9100,"service":"JetDirect","version":"Raw Print"}],"status":"warning","vendor":"HP"},{"device_type":"camera","hostname":"cam-recepcja","id":"device_011","ip":"10.0.3.51","issues":["CVE-2021-36260!","Domy\u015blne has\u0142o","Dost\u0119pna z internetu"],"last_seen":"2026-02-09 10:30:00","mac":"C0:56:27:XX:XX:XX","model":"DS-2CD2143G2","open_ports":[80,443,554,8000],"os":"Hikvision FW 5.7.2","services":[{"port":80,"service":"HTTP","version":"Hikvision Web"},{"port":554,"service":"RTSP","version":"Live Stream"}],"status":"critical","vendor":"Hikvision"},{"device_type":"iot","hostname":"hvac-controller","id":"device_012","ip":"10.0.3.52","issues":["Domy\u015blne has\u0142o admin"],"last_seen":"2026-02-09 10:30:00","mac":"E8:DE:27:XX:XX:XX","model":"T6 Pro","open_ports":[80],"os":"Honeywell FW 3.1","services":[{"port":80,"service":"HTTP","version":"Honeywell Web"}],"status":"warning","vendor":"Honeywell"}],"network":"10.0.1.0/24","scan_date":"2026-02-09","scan_time":"10:30:00","summary":{"active_hosts":12,"security_score":42,"services_found":34,"total_hosts":12,"vulnerabilities":{"critical":2,"high":4,"info":1,"low":2,"medium":3}},"vulnerabilities":[{"affected_devices":["srv-dc01"],"cve":"CVE-2017-0144","cvss":9.8,"cwe":"CWE-119","description":"Kontroler domeny ma w\u0142\u0105czony przestarza\u0142y protok\u00f3\u0142 SMBv1, podatny na exploit EternalBlue.","device_ip":"10.0.1.10","estimated_cost":"300-600 PLN","estimated_time":"1-2 godziny","id":"PZ-D001","impact":"KRYTYCZNE: Haker mo\u017ce przej\u0105\u0107 pe\u0142n\u0105 kontrol\u0119 nad serwerem i ca\u0142\u0105 domen\u0105 Active Directory bez znajomo\u015bci hase\u0142.","owner_action":"NATYCHMIAST zle\u0107 wy\u0142\u0105czenie SMBv1 i aktualizacj\u0119 systemu.","severity":"critical","solution":"1. Wy\u0142\u0105cz SMBv1: Set-SmbServerConfiguration -EnableSMB1Protocol $false\n2. Zainstaluj wszystkie aktualizacje Windows\n3. Sprawd\u017a czy inne serwery nie u\u017cywaj\u0105 SMBv1","title":"SMBv1 w\u0142\u0105czone na kontrolerze domeny","who_should_fix":"Administrator IT / Informatyk"},{"affected_devices":["srv-db01"],"cve":"N/A","cvss":9.1,"cwe":"CWE-798","description":"Baza danych PostgreSQL u\u017cywa domy\u015blnego has\u0142a postgres/postgres.","device_ip":"10.0.1.11","estimated_cost":"200-400 PLN","estimated_time":"30 minut - 1 godzina","id":"PZ-D002","impact":"KRYTYCZNE: Atakuj\u0105cy mo\u017ce uzyska\u0107 dost\u0119p do wszystkich danych w bazie - klient\u00f3w, faktur, zam\u00f3wie\u0144.","owner_action":"NATYCHMIAST zmie\u0144 has\u0142o do bazy danych.","severity":"critical","solution":"1. ALTER USER postgres WITH PASSWORD 'silne_losowe_haslo';\n2. Ogranicz dost\u0119p do portu 5432\n3. W\u0142\u0105cz SSL dla po\u0142\u0105cze\u0144","title":"PostgreSQL z domy\u015blnymi po\u015bwiadczeniami","who_should_fix":"Administrator bazy danych"},{"affected_devices":["cam-recepcja"],"cve":"CVE-2021-36260","cvss":9.8,"cwe":"CWE-77","description":"Kamera ma znany exploit umo\u017cliwiaj\u0105cy zdalne wykonanie kodu bez uwierzytelnienia.","device_ip":"10.0.3.51","estimated_cost":"400-800 PLN","estimated_time":"2-3 godziny","id":"PZ-D003","impact":"KRYTYCZNE: Haker mo\u017ce ogl\u0105da\u0107 obraz z kamery, nagrywa\u0107 firm\u0119, u\u017cy\u0107 kamery do ataku na inne urz\u0105dzenia.","owner_action":"NATYCHMIAST zaktualizuj firmware lub od\u0142\u0105cz kamer\u0119 od internetu.","severity":"critical","solution":"1. Pobierz najnowszy firmware z hikvision.com\n2. Zmie\u0144 domy\u015blne has\u0142o\n3. Wy\u0142\u0105cz dost\u0119p z internetu\n4. Skonfiguruj osobny VLAN dla kamer","title":"Kamera Hikvision z krytyczn\u0105 podatno\u015bci\u0105","who_should_fix":"Firma od monitoringu lub informatyk"},{"affected_devices":["srv-mail01"],"cve":"N/A","cvss":7.5,"cwe":"CWE-284","description":"Serwer pocztowy przekazuje maile bez uwierzytelnienia. Mo\u017ce by\u0107 wykorzystany do spamu.","device_ip":"10.0.1.13","estimated_cost":"500-1000 PLN","estimated_time":"2-4 godziny","id":"PZ-D004","impact":"WYSOKIE: Twoja domena mo\u017ce trafi\u0107 na czarne listy, maile do klient\u00f3w nie b\u0119d\u0105 dociera\u0107.","owner_action":"W CI\u0104GU 24H zle\u0107 napraw\u0119 konfiguracji serwera pocztowego.","severity":"high","solution":"1. Skonfiguruj restrykcje relay w Postfix\n2. Dodaj rekordy SPF, DKIM, DMARC\n3. Przetestuj na mail-tester.com","title":"Open Mail Relay","who_should_fix":"Administrator serwera pocztowego"},{"affected_devices":["sw-core01"],"cve":"N/A","cvss":7.5,"cwe":"CWE-798","description":"Switch u\u017cywa domy\u015blnego community string 'public' dla SNMP.","device_ip":"10.0.1.2","estimated_cost":"300-500 PLN","estimated_time":"1-2 godziny","id":"PZ-D005","impact":"WYSOKIE: Atakuj\u0105cy mo\u017ce odczyta\u0107 ca\u0142\u0105 konfiguracj\u0119 sieci i znale\u017a\u0107 kolejne cele.","owner_action":"W TYM TYGODNIU zmie\u0144 community string lub wy\u0142\u0105cz SNMP.","severity":"high","solution":"1. Zmie\u0144 community na losowy ci\u0105g 20+ znak\u00f3w\n2. Ogranicz dost\u0119p SNMP do konkretnych IP\n3. Rozwa\u017c SNMPv3 z uwierzytelnianiem","title":"SNMP ze s\u0142abym community string","who_should_fix":"Administrator sieci"},{"affected_devices":["srv-dc01","pc-jkowalski"],"cve":"N/A","cvss":7.2,"cwe":"CWE-287","description":"RDP dost\u0119pne bez NLA, podatne na ataki brute-force i BlueKeep.","device_ip":"10.0.1.10, 10.0.2.101","estimated_cost":"200-400 PLN","estimated_time":"1-2 godziny","id":"PZ-D006","impact":"WYSOKIE: Haker mo\u017ce pr\u00f3bowa\u0107 zgadywa\u0107 has\u0142a lub wykorzysta\u0107 znane exploity.","owner_action":"W TYM TYGODNIU w\u0142\u0105cz NLA na wszystkich komputerach z RDP.","severity":"high","solution":"1. System Properties \u2192 Remote \u2192 Allow connections only with NLA\n2. Wymu\u015b przez GPO dla ca\u0142ej domeny\n3. Rozwa\u017c VPN zamiast bezpo\u015bredniego RDP","title":"RDP bez Network Level Authentication","who_should_fix":"Administrator IT"},{"affected_devices":["srv-dc01"],"cve":"N/A","cvss":6.5,"cwe":"CWE-319","description":"Kontroler domeny nie wymaga podpisywania LDAP, umo\u017cliwiaj\u0105c ataki relay.","device_ip":"10.0.1.10","estimated_cost":"400-800 PLN","estimated_time":"2-4 godziny (z testami)","id":"PZ-D007","impact":"WYSOKIE: Atakuj\u0105cy w sieci mo\u017ce przechwyci\u0107 i manipulowa\u0107 ruchem Active Directory.","owner_action":"W TYM MIESI\u0104CU zle\u0107 w\u0142\u0105czenie LDAP signing.","severity":"high","solution":"1. Group Policy: Domain controller: LDAP server signing requirements = Require signing\n2. Przetestuj aplikacje przed wdro\u017ceniem","title":"LDAP Signing wy\u0142\u0105czone","who_should_fix":"Administrator Active Directory"},{"affected_devices":["srv-web01"],"cve":"N/A","cvss":5.3,"cwe":"CWE-327","description":"Serwer SSH akceptuje przestarza\u0142e algorytmy szyfrowania (3DES, RC4).","device_ip":"10.0.1.12","estimated_cost":"100-200 PLN","estimated_time":"30 minut","id":"PZ-D008","impact":"\u015aREDNIE: Atakuj\u0105cy mo\u017ce odszyfrowa\u0107 starszy ruch SSH.","owner_action":"PLANOWANE: Przy najbli\u017cszej okazji zaktualizuj konfiguracj\u0119 SSH.","severity":"medium","solution":"1. Edytuj /etc/ssh/sshd_config\n2. Ciphers aes256-gcm@openssh.com,aes128-gcm@openssh.com\n3. Zrestartuj SSH","title":"S\u0142abe algorytmy SSH","who_should_fix":"Administrator serwera"},{"affected_devices":["prn-hp-laser01"],"cve":"N/A","cvss":4.3,"cwe":"CWE-306","description":"Panel administracyjny drukarki dost\u0119pny bez has\u0142a.","device_ip":"10.0.3.50","estimated_cost":"0 PLN","estimated_time":"15 minut","id":"PZ-D009","impact":"\u015aREDNIE: Kto\u015b mo\u017ce zmienia\u0107 ustawienia drukarki lub przechwytywa\u0107 dokumenty.","owner_action":"PLANOWANE: Ustaw has\u0142o przy najbli\u017cszej okazji.","severity":"medium","solution":"1. Zaloguj si\u0119 na panel drukarki\n2. Ustaw has\u0142o administratora\n3. Wy\u0142\u0105cz niepotrzebne protoko\u0142y (FTP, Telnet)","title":"Drukarka bez has\u0142a admina","who_should_fix":"IT Support"},{"affected_devices":["hvac-controller"],"cve":"N/A","cvss":4.0,"cwe":"CWE-798","description":"Sterownik klimatyzacji u\u017cywa domy\u015blnego has\u0142a 'admin'.","device_ip":"10.0.3.52","estimated_cost":"0 PLN","estimated_time":"15 minut","id":"PZ-D010","impact":"\u015aREDNIE: Kto\u015b mo\u017ce manipulowa\u0107 temperatur\u0105 w biurze.","owner_action":"PLANOWANE: Zmie\u0144 has\u0142o gdy b\u0119dziesz przy sterowniku.","severity":"medium","solution":"1. Zmie\u0144 has\u0142o na unikalne\n2. Rozwa\u017c osobny VLAN dla IoT","title":"HVAC z domy\u015blnym has\u0142em","who_should_fix":"Facility manager / IT"},{"affected_devices":["srv-db01"],"cve":"N/A","cvss":2.6,"cwe":"CWE-200","description":"Banner SSH pokazuje 'Ubuntu 22.04' co u\u0142atwia rozpoznanie systemu.","device_ip":"10.0.1.11","estimated_cost":"0 PLN","estimated_time":"10 minut","id":"PZ-D011","impact":"NISKIE: Informacja przydatna dla atakuj\u0105cego, ale sama w sobie nieszkodliwa.","owner_action":"OPCJONALNE: Mo\u017cna ukry\u0107 przy okazji innych zmian.","severity":"low","solution":"1. Ustaw Banner none w sshd_config\n2. Lub ustaw w\u0142asny banner bez info o wersji","title":"SSH Banner ujawnia wersj\u0119 OS","who_should_fix":"Administrator serwera"},{"affected_devices":["Wszystkie urz\u0105dzenia"],"cve":"N/A","cvss":3.0,"cwe":"CWE-653","description":"Wszystkie urz\u0105dzenia s\u0105 w jednej sieci - kamery, serwery, komputery, IoT.","device_ip":"Ca\u0142a sie\u0107","estimated_cost":"2000-5000 PLN","estimated_time":"8-16 godzin","id":"PZ-D012","impact":"NISKIE-\u015aREDNIE: Kompromitacja jednego urz\u0105dzenia u\u0142atwia atak na inne.","owner_action":"PLANOWANE: Przy modernizacji sieci rozwa\u017c VLAN-y.","severity":"low","solution":"1. Osobny VLAN dla kamer i IoT\n2. Osobny VLAN dla serwer\u00f3w\n3. VLAN dla u\u017cytkownik\u00f3w\n4. Firewall mi\u0119dzy VLAN-ami","title":"Brak segmentacji sieci","who_should_fix":"Firma sieciowa / Administrator"}]}