Total Findings
340
Across 16 Agents
Compliance Checks
296
8+ Frameworks
Auto-Fix Actions
23
Preview Mode
Agents Run
14
0 Errors
Scan Time
22:27
1,347 Seconds

SEVERITY DISTRIBUTION

Cloud Security

SCOUT: 40 | SENTINEL: 18

TITAN SCOUT - Infrastructure Scanner (40 Findings)

Criticaltitan-banking-sql-4f29SQL firewall allows ALL IPs (0.0.0.0 - 255.255.255.255)
Category: Security | Type: SQLServer | Subscription: Pay-As-You-Go
Restrict to specific IPs or use private endpoints
Criticaltitan-patient-sql-4f29SQL firewall allows ALL IPs (0.0.0.0 - 255.255.255.255)
Category: Security | Type: SQLServer | Subscription: Pay-As-You-Go
Restrict to specific IPs or use private endpoints
Criticaltitan-core-banking-nsg/AllowSSHSSH (22) OPEN to entire internet
Category: Security | Type: NSG
Restrict to specific IPs or use Azure Bastion
Criticaltitan-ehr-nsg/AllowRDPRDP (3389) OPEN to entire internet
Category: Security | Type: NSG
Restrict to specific IPs or use Azure Bastion
Criticaltitan-ehr-nsg/AllowSSHSSH (22) OPEN to entire internet
Category: Security | Type: NSG
Restrict to specific IPs or use Azure Bastion
Hightitanbank4f29Public blob access ENABLED -- containers could be publicly accessible
Category: Security | Type: StorageAccount
Disable public blob access unless explicitly required
Hightitanbank4f29HTTP traffic allowed (not HTTPS-only)
Category: Security | Type: StorageAccount
Enable HTTPS-only to encrypt data in transit
Hightitanphi4f29Public blob access ENABLED -- containers could be publicly accessible
Category: Security | Type: StorageAccount
Disable public blob access unless explicitly required
Hightitanphi4f29HTTP traffic allowed (not HTTPS-only)
Category: Security | Type: StorageAccount
Enable HTTPS-only to encrypt data in transit
Hightitanbank4f29Storage account firewall default action is Allow -- all networks can access
Category: Network Security | Type: StorageAccount
Set network default action to Deny, then whitelist specific VNets/IPs (CIS 3.6)
Hightitanphi4f29Storage account firewall default action is Allow -- all networks can access
Category: Network Security | Type: StorageAccount
Set network default action to Deny, then whitelist specific VNets/IPs (CIS 3.6)
Hightitan-banking-sql-4f29SQL Server has no Azure AD admin configured
Category: Identity & Access | Type: SQLServer
Configure Azure AD admin for SQL Server to enable AAD authentication (CIS 5.5)
Hightitan-banking-sql-4f29SQL Server auditing is disabled -- database operations not being recorded
Category: Monitoring | Type: SQLServer
Enable SQL auditing for HIPAA 164.312(b) audit trail compliance
Hightitan-patient-sql-4f29SQL Server has no Azure AD admin configured
Category: Identity & Access | Type: SQLServer
Configure Azure AD admin to enable AAD authentication (CIS 5.5)
Hightitan-patient-sql-4f29SQL Server auditing is disabled -- database operations not being recorded
Category: Monitoring | Type: SQLServer
Enable SQL auditing for HIPAA 164.312(b) audit trail compliance
Hightitan-banking-portal-4f29App Service allows HTTP (not HTTPS-only)
Category: Security | Type: AppService
Enable HTTPS-only for HIPAA transmission security compliance
Hightitan-patient-portal-4f29App Service allows HTTP (not HTTPS-only)
Category: Security | Type: AppService
Enable HTTPS-only for HIPAA transmission security compliance
Hightitan-txn-events-4f29Event Hub allows access from ALL networks (no firewall)
Category: Security | Type: EventHub
Set default network action to Deny and allow specific VNets/IPs
Hightitan-payment-queue-4f29Service Bus allows access from ALL networks
Category: Security | Type: ServiceBus
Set default network action to Deny and allow specific VNets/IPs
HighDDoS ProtectionNo DDoS Protection Standard enabled -- 1 public IP exposed
Category: Network Security | Type: Subscription
Enable Azure DDoS Protection Standard on VNets with public endpoints
Hightitan-orphan-disk1Unattached disk (32GB Standard_LRS) -- not connected to any VM
Category: Cost | Estimated: $1.60/mo
Delete or snapshot then delete to save costs
Hightitan-orphan-disk2Unattached disk (64GB Standard_LRS) -- not connected to any VM
Category: Cost | Estimated: $3.20/mo
Delete or snapshot then delete to save costs
Mediumtitanbank4f29Min TLS version: TLS1_0 (should be TLS 1.2)
Category: Security | Type: StorageAccount
Set minimum TLS to 1.2 for compliance
Mediumtitanphi4f29Min TLS version: TLS1_0 (should be TLS 1.2)
Category: Security | Type: StorageAccount
Set minimum TLS to 1.2 for compliance
Mediumtitan-compliance-logsLog retention is 30 days -- HIPAA requires 6 years for audit logs
Category: Compliance | Type: LogAnalytics
Increase retention to 365+ days or archive to storage
Mediumtitan-banking-portal-4f29App Service has no managed identity -- using stored credentials
Category: Identity & Access | Type: AppService
Enable system-assigned managed identity (CIS 9.4)
Mediumtitan-patient-portal-4f29App Service has no managed identity -- using stored credentials
Category: Identity & Access | Type: AppService
Enable system-assigned managed identity (CIS 9.4)
Mediumtitan-core-banking-nsgNSG has no flow logs enabled -- network traffic not recorded
Category: Monitoring | Type: NSG
Enable NSG flow logs with 90+ day retention (CIS 4.5)
Mediumtitan-ehr-nsgNSG has no flow logs enabled -- network traffic not recorded
Category: Monitoring | Type: NSG
Enable NSG flow logs with 90+ day retention (CIS 4.5)
Mediumtitan-secure-nsgNSG has no flow logs enabled -- network traffic not recorded
Category: Monitoring | Type: NSG
Enable NSG flow logs with 90+ day retention (CIS 4.5)
Mediumtitan-orphan-pip1Unassociated public IP (dynamic) -- not attached to anything
Category: Cost | Estimated: $3.65/mo
Delete unused public IP to save costs and reduce attack surface
Mediumtitan-orphan-pip2Unassociated public IP (dynamic) -- not attached to anything
Category: Cost | Estimated: $3.65/mo
Delete unused public IP to save costs and reduce attack surface
Mediumtitan-txn-events-4f29Event Hub namespace not using customer-managed key encryption
Category: Security | Type: EventHub
Configure CMK encryption via Azure Key Vault
Mediumtitan-payment-queue-4f29Local SAS key authentication enabled -- use Azure AD instead
Category: Security | Type: ServiceBus
Disable local auth and use Azure AD + managed identity
Mediumtitan-banking-sql-4f29SQL Server has no vulnerability assessment configured
Category: Security | Type: SQLServer
Enable SQL Vulnerability Assessment (CIS 4.4)
Mediumtitan-patient-sql-4f29SQL Server has no vulnerability assessment configured
Category: Security | Type: SQLServer
Enable SQL Vulnerability Assessment (CIS 4.4)
Lowtitanbank4f29Storage uses Microsoft-managed keys (not CMK)
Category: Encryption
Consider customer-managed keys via Key Vault for data sovereignty (NIST SC-12)
Lowtitanphi4f29Storage uses Microsoft-managed keys (not CMK)
Category: Encryption
Consider customer-managed keys via Key Vault for data sovereignty (NIST SC-12)
Lowtitanemr4f29Storage uses Microsoft-managed keys (not CMK)
Category: Encryption
Consider customer-managed keys via Key Vault for data sovereignty (NIST SC-12)
LowNetworkWatcherRGResource group has no tags
Category: Compliance | Type: ResourceGroup
Add environment, owner, cost-center tags for governance

TITAN SENTINEL - Threat Detection (18 Findings)

Criticaltitan-core-banking-nsg/AllowSQLSQL Server (port 1433) EXPOSED to entire internet
Category: AttackSurface | Type: NSG
Close port 1433. Use Azure Bastion, VPN, or JIT access.
Criticaltitan-core-banking-nsg/AllowSSHSSH (port 22) EXPOSED to entire internet
Category: AttackSurface | Type: NSG
Close port 22. Use Azure Bastion, VPN, or JIT access.
Criticaltitan-ehr-nsg/AllowRDPRDP (port 3389) EXPOSED to entire internet
Category: AttackSurface | Type: NSG
Close port 3389. Use Azure Bastion, VPN, or JIT access.
Criticaltitan-ehr-nsg/AllowSSHSSH (port 22) EXPOSED to entire internet
Category: AttackSurface | Type: NSG
Close port 22. Use Azure Bastion, VPN, or JIT access.
CriticalLimited AdminCustom role 'Limited Admin' has dangerous permission: *
Category: Identity & Access | Type: CustomRole
Review custom role -- wildcards and authorization writes enable privilege escalation
Hightitan-banking-sql-4f29SQL Server has public network access ENABLED
Category: AttackSurface | Type: SQLServer
Disable public access. Use Private Endpoints.
Hightitan-patient-sql-4f29SQL Server has public network access ENABLED
Category: AttackSurface | Type: SQLServer
Disable public access. Use Private Endpoints.
Hightitanbank4f29Public blob access enabled -- data may be exposed to internet
Category: DLP | Type: StorageAccount
Disable public blob access immediately
Hightitanphi4f29Public blob access enabled -- data may be exposed to internet
Category: DLP | Type: StorageAccount
Disable public blob access immediately
Hightitan-txn-events-4f29Event Hub namespace allows access from ALL networks
Category: AttackSurface | Type: EventHub
Set default action to Deny and add VNet/IP rules.
Hightitan-payment-queue-4f29Service Bus namespace allows access from ALL networks
Category: AttackSurface | Type: ServiceBus
Set default action to Deny and configure VNet/IP rules.
HighSubscription: Pay-As-You-Go40 failed write/delete operations in 7 days -- possible unauthorized access
Category: Breach | Type: ActivityLog
Investigate user activity. Check for compromised accounts.
Mediumtitan-prod-vm-pipPublic IP: 52.173.65.144 (attached to: titan-prod-vm-nic)
Category: AttackSurface | Type: PublicIP
Verify necessity. Consider Private Link or VPN.
Mediumtitan-txn-events-4f29Event Hub uses platform-managed keys -- no customer-controlled encryption
Category: DLP | Type: EventHub
Configure customer-managed keys (CMK) via Azure Key Vault.
Mediumtitan-payment-queue-4f29Service Bus local authentication enabled -- SAS keys can bypass AAD
Category: Identity | Type: ServiceBus
Disable local auth to enforce Azure AD-only access.
Hightitanbank4f29Storage allows access from ALL networks (no firewall)
Category: AttackSurface | Type: StorageAccount
Configure network rules for specific VNets/IPs
Hightitanphi4f29Storage allows access from ALL networks (no firewall)
Category: AttackSurface | Type: StorageAccount
Configure network rules for specific VNets/IPs
Hightitan-payment-queue-4f29Service Bus uses platform-managed keys -- no customer-controlled encryption
Category: DLP | Type: ServiceBus
Configure customer-managed keys (CMK) via Azure Key Vault.

Compliance Assessment

278 Comply + 18 Sentinel = 296 Checks
87
PASS
83
FAIL
108
CHECK (Manual)
HIPAA164.312(a)(1)PASSAccess Control -- minimum necessary principle (RBAC). 0 Owner assignments.
HIPAA164.312(a)(2)(iv)PASSEncryption at rest -- ePHI encrypted. SQL TDE + Disk + SSE all PASS.
HIPAA164.312(b)FAILAudit controls -- SQL auditing DISABLED on titan-banking-sql-4f29, titan-patient-sql-4f29.
HIPAA164.312(c)(1)PASSIntegrity controls -- TDE + SSE protect data integrity.
HIPAA164.312(d)CHECKPerson or entity authentication -- verify MFA in Entra ID (requires Azure AD P1/P2).
HIPAA164.312(e)(1)FAILTransmission security -- titanbank4f29, titanphi4f29 not HTTPS. Apps not HTTPS-only. TLS below 1.2.
HIPAA164.312(e)(2)(ii)FAILEncryption -- not all endpoints enforce HTTPS for ePHI transmission.
HIPAA164.308(a)(4)(i)FAILInformation access management -- public access on titanbank4f29, titanphi4f29.
HIPAA164.308(a)(3)(i)PASSWorkforce security -- Azure RBAC enforced. 0 privileged assignments.
HIPAA164.310(a)(1)PASSFacility access -- Azure data centers SOC2/ISO27001 certified.
PCI DSS1.2.1FAILRestrict traffic -- 4 open management ports to internet (SQL 1433, SSH 22, RDP 3389).
PCI DSS2.2.7FAILNon-console admin access encrypted -- RDP exposed to internet.
PCI DSS3.4.1PASSPAN rendered unreadable -- all data encrypted at rest (TDE + SSE + disk).
PCI DSS3.5.1.1FAILKey Vault purge protection -- no purge protection on titan-health-kv-4f29.
PCI DSS4.2.1FAILStrong cryptography for cardholder data transmission -- TLS/HTTPS gaps detected.
PCI DSS6.4.1FAILPublic-facing web apps protected -- no WAF detected. Deploy Azure WAF.
PCI DSS7.2.1PASSAccess control restricts based on need-to-know -- 0 Owner assignments.
PCI DSS10.2.1FAILAudit logs enabled -- no auditing on titan-banking-sql-4f29, titan-patient-sql-4f29.
PCI DSS10.5.1FAILAudit log retention -- 30 days (PCI requires 365).
PCI DSS11.3.1PASSInternal vulnerability scans -- TITAN AI Sentinel provides continuous scanning.
SOC2CC6.1PASSLogical and physical access controls -- RBAC enforced, 0 privileged users.
SOC2CC6.6FAILEncryption in transit enforced -- HTTPS/TLS gaps detected.
SOC2CC6.7PASSData classified and protected by encryption at rest -- all data encrypted.
SOC2CC7.1FAILSystem activities monitored for anomalies -- logging gaps detected.
SOC2CC9.1PASSRisk mitigation activities in place -- TITAN AI provides continuous assessment.
CIS3.1PASSStorage service encryption (SSE) -- Azure SSE (AES-256) enabled by default.
CIS3.7FAILPublic access disabled on storage -- PUBLIC: titanbank4f29, titanphi4f29.
CIS3.9FAILStorage minimum TLS 1.2 -- titanbank4f29: TLS1_0, titanphi4f29: TLS1_0.
CIS4.1FAILSQL server auditing enabled -- NO AUDITING on 2 SQL servers.
CIS4.1.1PASSSQL Transparent Data Encryption enabled on all databases.
CIS6.1FAILRDP access restricted from internet -- RDP EXPOSED.
CIS6.2FAILSSH access restricted from internet -- SSH EXPOSED.
CIS8.1FAILKey Vault purge protection -- NO PURGE PROTECTION on titan-health-kv-4f29.
CIS9.1FAILApp Service enforces HTTPS only -- HTTP ALLOWED on 2 app services.
NISTAC-2PASSAccount management -- Azure RBAC enforced. 0 privileged accounts.
NISTSC-28PASSProtection of information at rest -- SSE + TDE verified on all data stores.
NISTSC-8FAILTransmission confidentiality and integrity -- encryption in transit gaps.
NISTCM-7FAILLeast functionality -- 4 open ports exposed to internet.
HITRUST01.jFAILNetwork access control -- 4 management ports exposed (SQL 1433, SSH 22, RDP 3389).
HITRUST06.dPASSData protection -- TDE enabled on all databases.
HITRUST09.abFAILMonitoring -- missing auditing on 2 SQL servers.
FedRAMPFR-AC-1PASSData residency -- all resources in US/US Gov regions.
FedRAMPFR-SC-1PASSEncryption at rest -- FIPS 140-2 validated. SQL TDE + Disk + SSE all PASS.
FedRAMPFR-SC-2FAILEncryption in transit -- 2 storage + 2 apps not HTTPS, 2 below TLS 1.2.
FedRAMPFR-SC-3FAILNetwork segmentation -- 4 open mgmt ports, 2 unfirewalled storage.
SOXITGC-AC-01PASSAccess control -- 0 privileged users on financial systems.
SOXITGC-OP-03FAILAudit trail integrity -- missing audit trails on 2 SQL servers.
DORADORA-ICT-1FAILICT risk management -- 2 SQL servers unaudited, monitoring gaps.
DORADORA-ICT-2PASSICT data protection -- all data stores encrypted at rest.
DORADORA-IS-2FAILSecure information exchange -- TLS 1.2+ not enforced everywhere.
GLBASafeguards RuleFAILAdministrative, technical, physical safeguards gaps in encryption and access controls.
CCPA1798.150(a)FAILSecurity procedures -- gaps may not meet 'reasonable security' standard.
CCPA1798.150(b)PASSData breach -- all data encrypted, breach of encrypted data may not require notification.
ISO 27001Asset InventoryPASSTITAN AI Discovery maintains continuous inventory of all Azure information assets.
ISO 27001Transfer PoliciesFAILSecure information transfer -- HTTPS enforcement, TLS version gaps.
CJIS5.5PASSAccess control -- role-based access enforced. 0 privileged users for CJI.
CJIS5.10.1.2PASSEncryption -- FIPS 140-2 certified for CJI.
CJIS5.5.6FAILRemote access -- direct remote access exposed. CJIS requires VPN/encrypted tunnel.

Auto-Remediation

FORGE: 23 Preview Actions
PREVIEWtitanbank4f29Disable public blob accessStorageAccount | AllowBlobPublicAccess -> False
PREVIEWtitanbank4f29Enforce HTTPS onlyStorageAccount | EnableHttpsTrafficOnly -> True
PREVIEWtitanbank4f29Set TLS 1.2StorageAccount | TLS1_0 -> TLS1_2
PREVIEWtitanphi4f29Disable public blob accessStorageAccount | AllowBlobPublicAccess -> False
PREVIEWtitanphi4f29Enforce HTTPS onlyStorageAccount | EnableHttpsTrafficOnly -> True
PREVIEWtitanphi4f29Set TLS 1.2StorageAccount | TLS1_0 -> TLS1_2
PREVIEWtitan-core-banking-nsg/AllowSQLRemove dangerous inbound rule (port 1433)NSG | Deleting rule allowing 0.0.0.0/0 -> port 1433
PREVIEWtitan-core-banking-nsg/AllowSSHRemove dangerous inbound rule (port 22)NSG | Deleting rule allowing 0.0.0.0/0 -> port 22
PREVIEWtitan-ehr-nsg/AllowRDPRemove dangerous inbound rule (port 3389)NSG | Deleting rule allowing 0.0.0.0/0 -> port 3389
PREVIEWtitan-ehr-nsg/AllowSSHRemove dangerous inbound rule (port 22)NSG | Deleting rule allowing 0.0.0.0/0 -> port 22
PREVIEWtitan-banking-sql-4f29Remove open SQL firewall ruleSQLServer | Removing AllowEverything (0.0.0.0-255.255.255.255)
PREVIEWtitan-patient-sql-4f29Remove open SQL firewall ruleSQLServer | Removing AllowEverything (0.0.0.0-255.255.255.255)
PREVIEWtitan-banking-portal-4f29Enable HTTPS onlyAppService | Enforcing encrypted connections
PREVIEWtitan-patient-portal-4f29Enable HTTPS onlyAppService | Enforcing encrypted connections
PREVIEWtitan-txn-events-4f29Set network default action to DenyEventHubNamespace | Block public access
PREVIEWtitan-payment-queue-4f29Set network default action to DenyServiceBusNamespace | Block public access
PREVIEWtitan-compliance-logsExtend retention from 30 to 90 daysLogAnalytics | HIPAA/SOC2/NIST require 90+ days
PREVIEWtitan-banking-portal-4f29Enable system-assigned managed identityAppService | CIS 9.4 -- use managed identity
PREVIEWtitan-patient-portal-4f29Enable system-assigned managed identityAppService | CIS 9.4 -- use managed identity
PREVIEWtitan-orphan-disk1Delete unattached disk (32GB)ManagedDisk | Save ~$1.6/mo
PREVIEWtitan-orphan-disk2Delete unattached disk (64GB)ManagedDisk | Save ~$3.2/mo
PREVIEWtitan-orphan-pip1Delete unused public IPPublicIP | Save ~$3.65/mo
PREVIEWtitan-orphan-pip2Delete unused public IPPublicIP | Save ~$3.65/mo

Shadow AI / Non-Human Identity

SHADOW: 16 Findings
Critical14524c1d-...Non-human identity has OWNER role at subscription level
Principal: 14524c1d-4103-4b64-8b68-a77392889d3d
Reduce to least-privilege. No NHI should have Owner at subscription scope.
Criticaltitan-banking-sql-4f29SQL Server firewall allows all Azure services or entire internet
Firewall: 0.0.0.0 - 255.255.255.255
Remove overly permissive rules. Use Private Endpoints.
Criticaltitan-patient-sql-4f29SQL Server firewall allows all Azure services or entire internet
Firewall: 0.0.0.0 - 255.255.255.255
Remove overly permissive rules. Use Private Endpoints.
Highaf70e736-...NHI has Contributor role at subscription level
Scope down to specific resource groups. Apply least-privilege.
High4427183e-...NHI has Contributor role at subscription level
Scope down to specific resource groups. Apply least-privilege.
High3ba332dd-...NHI has Contributor role at subscription level
Scope down to specific resource groups. Apply least-privilege.
Hightitanbank4f29Storage account allows non-HTTPS traffic -- data in transit unencrypted
Enable 'Secure transfer required' to enforce HTTPS.
Hightitanphi4f29Storage account allows non-HTTPS traffic -- data in transit unencrypted
Enable 'Secure transfer required' to enforce HTTPS.
Mediumtitan-orphan-disk1Orphaned disk (32GB) not attached to any VM -- ~$2/month wasted
Delete if no longer needed, or create snapshot before deletion.
Mediumtitan-orphan-disk2Orphaned disk (64GB) not attached to any VM -- ~$3/month wasted
Delete if no longer needed, or create snapshot before deletion.
Lowtitan-orphan-pip1Orphaned public IP not attached to any resource
Delete unused public IPs or associate with a resource.
Lowtitan-orphan-pip2Orphaned public IP not attached to any resource
Delete unused public IPs or associate with a resource.

Healthcare Vertical

ENGAGE: 5 | VOICE: 3 | PREDICT: 4 | PULSE: 4 | CODE: 5

TITAN ENGAGE -- Member Outreach (5)

CriticalMBR-001Risk Score: 87/100 | diabetes, depression | Last contact: 45d | ER visits: 2
High-risk member requiring immediate outreach intervention.
CriticalMBR-003Risk Score: 95/100 | heart failure, isolation | Last contact: 90d | ER visits: 4
Critical member -- 90 days since last contact with 4 ER visits.
CriticalMBR-005Risk Score: 92/100 | diabetes, social isolation | Last contact: 60d | ER visits: 3
High social isolation risk with declining health metrics.
HighMBR-004Risk Score: 72/100 | COPD, depression | Last contact: 30d | ER visits: 1
COPD member with depression comorbidity.
MediumMBR-002Risk Score: 42/100 | anxiety, loneliness | Last contact: 12d | ER visits: 0
Moderate risk -- recently contacted, monitor trends.

TITAN VOICE -- Call Analytics (3)

LowCALL-001QA Score: 85/100 | Sentiment: NEGATIVE | Agent: Sarah M. | Duration: 12:34
Call quality analysis with sentiment tracking.
LowCALL-002QA Score: 85/100 | Sentiment: POSITIVE | Agent: Mike R. | Duration: 8:22
Positive member interaction.
LowCALL-003QA Score: 85/100 | Sentiment: NEUTRAL | Agent: David L. | Duration: 15:47
Standard member interaction.

TITAN PREDICT -- Predictive Analytics (4)

HighER VisitsProjected 374 ER visits next quarter ($3,179,000 cost) -- 18% readmission rate
Predictive model projecting high ER utilization and costs.
Mediumsocial_isolationTrending UP: Social Isolation -- increasing across population
Population health trend alert.
Mediummedication_non_adherenceTrending UP: Medication Non Adherence -- increasing across population
Medication adherence declining -- intervention needed.
Mediummissed_appointmentsTrending UP: Missed Appointments -- increasing across population
Appointment attendance declining.

TITAN PULSE -- Population Segments (4)

MediumHigh-Risk SeniorsSize: 1,200 | Response: 12% | Channels: phone, mail | Conditions: isolation, depression
Low-response high-risk population segment.
MediumNewly EnrolledSize: 3,500 | Response: 35% | Channels: app, text, email | Conditions: onboarding
New member onboarding segment with digital engagement.
MediumChronic ConditionSize: 2,800 | Response: 22% | Channels: phone, app | Conditions: diabetes, COPD, CHF
Chronic condition management population.
MediumRe-engagementSize: 800 | Response: 8% | Channels: phone, mail, text | Conditions: lapsed
Lapsed member re-engagement segment.

TITAN CODE -- Data Pipeline Monitor (5)

CriticalProvider Data SyncStatus: FAILED | Records: 45,000 | Errors: 1,205 (2.678%) | Duration: 15min
Pipeline failure -- high error rate requires immediate investigation.
MediumMember Enrollment ETLStatus: RUNNING | Records: 125,000 | Errors: 23 (0.018%) | Duration: 45min
Active pipeline with minimal errors.
MediumClinical Data ImportStatus: COMPLETED | Records: 340,000 | Errors: 5 (0.001%) | Duration: 90min
Completed successfully with near-zero errors.
LowClaims ProcessingStatus: COMPLETED | Records: 890,000 | Errors: 0 (0.000%) | Duration: 120min
Clean completion -- zero errors.
LowQuality Measures CalcStatus: RUNNING | Records: 67,000 | Errors: 0 (0.000%) | Duration: 30min
Active pipeline running cleanly.

Banking Vertical

AML: 42 | FRAUD: 33 | KYC: 67

TITAN AML -- Anti-Money Laundering (42 Findings)

CriticalAML-2026-005Shell Holdings Inc | Layering | $500,000 x15 over 14 days | Risk: 92/100 | SAR_RECOMMENDED
Country: Cayman Islands | Account Age: 2mo
File SAR via FinCEN Form 111 within 30 days of detection.
CriticalAML-2026-009Global Trade Partners | Wire to High-Risk Country | $890,000 x2 | Risk: 95/100 | SAR_RECOMMENDED
Account Age: 1mo
OFAC BLOCK: Wire to sanctioned country (North Korea). IMMEDIATE ACTION REQUIRED.
CriticalAML-2026-011Offshore Ventures Ltd | Layering | $1,200,000 x25 over 10 days | Risk: 95/100 | SAR_RECOMMENDED
Country: Panama | Account Age: 1mo
BSA requires SAR filing within 30 days. FinCEN Form 111 auto-populated.
CriticalSberbank RussiaCorrespondent: Sberbank Russia (RU) | SANCTIONS NEXUS -- immediate review required
Risk: Critical | Shell Risk: YES | Sanctions: YES | Due diligence expired (25 months)
CriticalTRD-003Trade: Consulting Services | Invoice: $890,000 vs Market: $0 | TBML Score: 100/100
Country: PA | No market value reference, documentation inconsistencies, potential shell company
Trade-Based Money Laundering detected. Escalate to compliance immediately.
HighAML-2026-001John Smith LLC | Structuring | $9,800 x5 over 3 days | Risk: 88/100 | ESCALATE
Classic smurfing pattern | Account Age: 3mo
Escalate for review and potential SAR filing.
HighAML-2026-003XYZ Trading Corp | Wire to High-Risk Country | $250,000 x3 | Risk: 88/100 | ESCALATE
OFAC BLOCK: Wire to sanctioned country (Iran) | IMMEDIATE ACTION REQUIRED
Potential sanctions violation. Escalate immediately.
HighFirst Caribbean IntlCorrespondent Risk: High | Volume: $5.2M/30d | Shell Risk: YES | Due diligence expired
Cayman Islands correspondent with expired due diligence.

TITAN FRAUD -- Real-Time Detection (33 Findings)

CriticalTXN-001Card ****4521 | $4,999.99 Electronics Store | 02:34 AM | IP: Romania | Score: 92/100 | BLOCKED
Device: Unknown | MCC: 5732
Transaction blocked. CNP fraud risk score: 80/100.
CriticalTXN-003Card ****1199 | $12,500 Wire Transfer | 11:30 PM | IP: Nigeria | Score: 95/100 | BLOCKED
Device: New Browser | MCC: 4829
High-value wire blocked. CNP score: 65/100.
CriticalATO-001Account Takeover: Password + new device + address change in 24h | Risk: 92/100 | CONFIRMED
IP: VN | Device: Unknown Android | Prior logins from country: 0
CriticalATO-003Account Takeover: Email changed + 3 failed OTP + login from Tor | Risk: 97/100 | CONFIRMED
Device: Linux Desktop | Tor network access detected.
CriticalWIR-003Wire: $890,000 to First Caribbean Intl (KY) | Fraud Score: 100/100
High-risk destination: Cayman Islands | New account + large wire | Unusual frequency
CriticalSYN-001Synthetic ID Score: 100/100 | SSN Mismatch | Credit File: 8mo | Auth Users: 12
Flags: SSN/Age mismatch, Thin credit, Excessive authorized users, Shared address with 6 applicants, VoIP phone, New email
CriticalELD-001Romance Scam: Unusual wire transfers $15,000/week x3 weeks | Never wired before
Elder financial exploitation detected. Caregiver change: YES.
CriticalELD-002Financial Exploitation by Fiduciary: New signer + immediate large withdrawals
Stable account for 20 years. POA: YES. Caregiver change: YES.

TITAN KYC -- Know Your Customer (67 Findings)

CriticalKYC-002PEP DETECTED: Elena Petrova | Source: Government Position | Russia | Score: 95/100 | REJECTED
PEP with adverse media. Enhanced Due Diligence REQUIRED. CIP: FAIL -- SSN not verified.
CriticalKYC-005SANCTIONS HIT: Golden Dragon Trading Co | IMMEDIATE REJECTION | Report to OFAC within 10 days
Business | CIP: FAIL -- Address not verified. Adverse media detected.
CriticalKYC-007Phantom Shell Corp | Suspicious SPV Score: 100/100 | No purpose, no parent, no investors | REJECTED
Registered Agent Only (100%) beneficial owner. Zero revenue. Unverified address.
CriticalKYC-012Ghost Fund SPV LLC | Suspicious SPV Score: 100/100 | No purpose, no parent | REJECTED
Zero revenue. Registered Agent Only. Unverified address. CIP: FAIL.
HighKYC-008PEP DETECTED: Ahmed Al-Rashid | Source: Family Trust | AE | $1,200,000 income | EDD REQUIRED
PEP Related/Close Associate. Foreign National. High Net Worth.
HighKYC-011Horizon Wealth Management | RIA with STALE Form ADV | AUM: $1.2B | Adverse Media
SEC CRD#: 789012 | Registration: ACTIVE | Form ADV: NOT CURRENT -- potential compliance violation.

Telecom Vertical

TELCO: 92 Findings
CriticalMKT-2026-003TCPA VIOLATION: No express written consent for marketing SMS | 5,200 recipients | Fine: $2.6M
Halt campaign immediately. Auto-fix available with TITAN TELCO Pro.
CriticalMKT-2026-012FCC 2025 RULE: Consent via lead generator invalid. One-to-one consent required. 8,200 recipients. Fine: $4.1M
FCC extended compliance deadline to Jan 31, 2027 (DA 26-12).
Critical212-555-XXXXFederal DNC Registry number called by MKT-2026-003 | State: NY | Penalty: up to $51,744/call
Federal Do Not Call violation.
CriticalSIM Swap DetectionNo automated SIM swap fraud detection | 12 suspicious swaps in 30 days unreviewed
Telecom network security vulnerability.
CriticalSS7 VulnerabilitySS7 signaling not monitored for location tracking or call interception attacks
Core network protocol vulnerability.
CriticalNomadic VoIP E-911VoIP subscribers not prompted to update location on IP change | FCC 47 CFR 9.11(b)(3)
E-911 failures = lives at risk + massive FCC penalties.
Critical2026-02 Data UsageOvercharge: Billed $510,000 vs Actual $492,100 = $17,900 overcharge
Carrier billing discrepancy detected.
Critical2026-04 Data UsageOvercharge: Billed $520,000 vs Actual $501,300 = $18,700 overcharge
Latest billing period overcharge detected.
HighCPNI Access Logging3 employees accessed CPNI records without documented business reason
CPNI compliance failure per FCC rules.
HighCall Signing RateOnly 94% of outbound calls STIR/SHAKEN signed. 847 unsigned in 30 days
FCC requires good-faith signing effort.
HighCUS-10008Churn Risk: 95% | Plan: Basic $35 | 2 months | Declining usage | NPS: 1
Annual value: $420 at risk. Support calls: 6.
HighALI DatabaseE-911: 142 subscriber addresses not updated in ALI database within 24 hours
FCC 47 CFR 9.10(d) compliance issue.
HighData PrivacyOperates in 4 states with consumer data privacy laws: CT, DE, MD, VA
CPNI + CDR + location data subject to state privacy requirements.
HighMNO Partner3 MNO SLA violations in last 30 days. MNO: T-Mobile. Service credits may apply.
Voice uptime: 99.97% (target 99.99%) | Data uptime: 99.91% (target 99.95%)

Agent Summary

16 Agents | 0 Errors
AgentFindingsComplianceActionsDurationStatus
TITAN SCOUT40----274.6sOK
TITAN SENTINEL1818--227.5sOK
TITAN COMPLY11278--112.8sOK
TITAN FORGE23--23158.2sOK
TITAN SHADOW16----88.6sOK
TITAN ENGAGE5----53.1sOK
TITAN VOICE3----31.8sOK
TITAN PREDICT4----18.2sOK
TITAN PULSE4----16.9sOK
TITAN CODE5----15.0sOK
TITAN AML42----111.3sOK
TITAN FRAUD33----54.1sOK
TITAN KYC67----134.7sOK
TITAN TELCO92----~45sOK
TOTAL340296231,347sALL OK