There is a typo in the PDF report when displaying the impact analysis "Missing Cloud Hardening" risk (page 8; Impact Analysis of X Remaining Risks in Y Categories).
Expected
If this risk is unmitigated, attackers might access cloud components in an unintended way.
Actual
If this risk is unmitigated, attackers might access cloud components in an unintended way and .
Summary
There is a typo in the PDF report when displaying the impact analysis "Missing Cloud Hardening" risk (page 8; Impact Analysis of X Remaining Risks in Y Categories).
Expected
Actual
Root Cause
The hard-coded string used to define the risk category contains the typo, see here: https://github.com/Threagile/threagile/blob/dad51398ceca985c63a13340abe08d65d3e63369/risks/built-in/missing-cloud-hardening/missing-cloud-hardening-rule.go#L14