From 20d7af45ac9e537c9fc7c7dce614110df7272cbc Mon Sep 17 00:00:00 2001
From: "miracum-renovate[bot]" <miracum-renovate[bot]@users.noreply.github.com>
Date: Sun, 22 Dec 2024 11:17:55 +0000
Subject: [PATCH] docs: updated kubescape reports

---
 kubescape-reports/cis-v1.23-t1.0.1.html | 578 ++++++++++----------
 kubescape-reports/nsa.html              | 694 ++++++++++++------------
 2 files changed, 636 insertions(+), 636 deletions(-)

diff --git a/kubescape-reports/cis-v1.23-t1.0.1.html b/kubescape-reports/cis-v1.23-t1.0.1.html
index 57621860..994c5612 100644
--- a/kubescape-reports/cis-v1.23-t1.0.1.html
+++ b/kubescape-reports/cis-v1.23-t1.0.1.html
@@ -320,10 +320,10 @@ <h2>Failed Resources:</h2>
     </br>
     
     
-    <h3>Name: -datashield-opal</h3>
+    <h3>Name: -fhir-pseudonymizer</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-opal</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -337,27 +337,47 @@ <h3>Name: -datashield-opal</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[12].name</p>  <p>spec.template.spec.containers[2].env[16].name</p>  <p>spec.template.spec.containers[2].env[1].name</p>  <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
+        <tr>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
+        </tr>
+        </thead>
+        <tbody>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -recruit-postgres</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -recruit-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -374,24 +394,24 @@ <h3>Name: -vfps</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -415,10 +435,10 @@ <h3>Name: -vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-query</h3>
+    <h3>Name: -fhir-gateway-gateway</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -recruit-query</p>
+      <p>Name: -fhir-gateway-gateway</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -449,33 +469,6 @@ <h3>Name: -recruit-query</h3>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: ServiceAccount</p>
-      <p>Name: -mailhog</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
-        <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
-        </tr>
-        </thead>
-        <tbody>
-        
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.1.6 Ensure that Service Account Tokens are only mounted where necessary</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0190">C-0190</a></td>
-          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
-        </tr>
-        
-        </tbody>
-      </table>
-    </div>
-    
     <h3>Name: -vfps-migrations-v1-3-5</h3>
       <p>ApiVersion: batch/v1</p>
       <p>Kind: Job</p>
@@ -510,10 +503,10 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+    <h3>Name: -blaze-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+      <p>Name: -blaze-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -530,17 +523,17 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-atlas</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-atlas</p>
+    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -553,21 +546,28 @@ <h3>Name: -ohdsi-atlas</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-rock</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-rock</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -584,24 +584,17 @@ <h3>Name: -datashield-rock</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -gateway-vfps-test-connection</p>
+    <h3>Name: -blaze</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -blaze</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -618,17 +611,17 @@ <h3>Name: -gateway-vfps-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-gateway</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-gateway</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -652,17 +645,17 @@ <h3>Name: -fhir-gateway-gateway</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-gateway-test-connection</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -679,17 +672,17 @@ <h3>Name: -fhir-gateway-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -706,17 +699,17 @@ <h3>Name: -fhir-pseudonymizer</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -recruit-list</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-list</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -730,20 +723,20 @@ <h3>Name: -recruit-list</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -fhir-gateway-loinc-converter</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-gateway-loinc-converter</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -760,17 +753,17 @@ <h3>Name: -vfps-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -postgresql</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -787,24 +780,17 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -ohdsi-test-connection</p>
+    <h3>Name: -postgresql</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -818,20 +804,20 @@ <h3>Name: -ohdsi-test-connection</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -recruit-query</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-query</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -844,21 +830,28 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-postgres</h3>
+    <h3>Name: -datashield-rock</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -vfps-postgres</p>
+      <p>Name: -datashield-rock</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -875,17 +868,24 @@ <h3>Name: -vfps-postgres</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -ohdsi-webapi</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Name: -ohdsi-webapi</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -902,7 +902,7 @@ <h3>Name: -vfps</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[14].name</p>  <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         <tr>
@@ -916,10 +916,10 @@ <h3>Name: -vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -blaze-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -blaze-test-connection</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -936,17 +936,17 @@ <h3>Name: -blaze-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+    <h3>Name: -gateway-vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -gateway-vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -960,20 +960,20 @@ <h3>Name: -postgresql</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -recruit-postgres</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -recruit-postgres</p>
+    <h3>Name: -datashield-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -datashield-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -986,28 +986,21 @@ <h3>Name: -recruit-postgres</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -fhir-gateway-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-gateway-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1020,28 +1013,21 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -vfps</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1058,17 +1044,24 @@ <h3>Name: -postgresql</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+    <h3>Name: -recruit-test-health-probes</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
+      <p>Name: -recruit-test-health-probes</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1092,10 +1085,10 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1108,21 +1101,28 @@ <h3>Name: -vfps-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-test-connection</h3>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -datashield-test-connection</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1146,10 +1146,10 @@ <h3>Name: -datashield-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-notify</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-notify</p>
+    <h3>Name: -ohdsi-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -ohdsi-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1162,28 +1162,21 @@ <h3>Name: -recruit-notify</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[7].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1200,24 +1193,24 @@ <h3>Name: -vfps</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
+    <h3>Name: -recruit-list</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -mailhog</p>
+      <p>Name: -recruit-list</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1234,17 +1227,17 @@ <h3>Name: -mailhog</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -hapi-fhir-jpaserver</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1257,28 +1250,21 @@ <h3>Name: -hapi-fhir-jpaserver</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[2].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -mailhog</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1292,20 +1278,20 @@ <h3>Name: -postgresql</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1318,28 +1304,21 @@ <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+    <h3>Name: -vfps-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1363,10 +1342,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -ohdsi-postgres</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Name: -ohdsi-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1390,10 +1369,10 @@ <h3>Name: -postgresql</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-webapi</h3>
+    <h3>Name: -datashield-opal</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-webapi</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -datashield-opal</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1410,24 +1389,24 @@ <h3>Name: -ohdsi-webapi</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[14].name</p>  <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[12].name</p>  <p>spec.template.spec.containers[2].env[16].name</p>  <p>spec.template.spec.containers[2].env[1].name</p>  <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -recruit-test-health-probes</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -recruit-test-health-probes</p>
+    <h3>Name: -recruit-notify</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-notify</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1440,21 +1419,28 @@ <h3>Name: -recruit-test-health-probes</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[7].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1471,17 +1457,24 @@ <h3>Name: -postgresql</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -hapi-fhir-jpaserver</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Name: -hapi-fhir-jpaserver</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1494,6 +1487,13 @@ <h3>Name: -fhir-pseudonymizer</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[2].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -1505,10 +1505,10 @@ <h3>Name: -fhir-pseudonymizer</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps</h3>
+    <h3>Name: -vfps-postgres</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -gateway-vfps</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -vfps-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1525,24 +1525,17 @@ <h3>Name: -gateway-vfps</h3>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-postgres</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -ohdsi-postgres</p>
+    <h3>Name: -mailhog</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: ServiceAccount</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1557,19 +1550,19 @@ <h3>Name: -ohdsi-postgres</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceNameCell">CIS-5.1.6 Ensure that Service Account Tokens are only mounted where necessary</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0190">C-0190</a></td>
+          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -gateway-vfps</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Name: -gateway-vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1582,6 +1575,13 @@ <h3>Name: -fhir-pseudonymizer</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -1593,10 +1593,10 @@ <h3>Name: -fhir-pseudonymizer</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-loinc-converter</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-loinc-converter</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1610,20 +1610,20 @@ <h3>Name: -fhir-gateway-loinc-converter</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -blaze</h3>
+    <h3>Name: -vfps</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -blaze</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1636,21 +1636,28 @@ <h3>Name: -blaze</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -ohdsi-atlas</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -ohdsi-atlas</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1663,18 +1670,11 @@ <h3>Name: -postgresql</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
diff --git a/kubescape-reports/nsa.html b/kubescape-reports/nsa.html
index d009073c..9f12aab9 100644
--- a/kubescape-reports/nsa.html
+++ b/kubescape-reports/nsa.html
@@ -284,10 +284,10 @@ <h2>Failed Resources:</h2>
     </br>
     
     
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -mailhog</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -300,20 +300,6 @@ <h3>Name: -mailhog</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -325,10 +311,10 @@ <h3>Name: -mailhog</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -recruit-notify</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-notify</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -341,13 +327,6 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -362,6 +341,13 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
@@ -382,13 +368,6 @@ <h3>Name: -recruit-query</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -403,14 +382,21 @@ <h3>Name: -recruit-query</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -fhir-gateway-gateway</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-gateway-gateway</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -434,10 +420,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -461,10 +447,10 @@ <h3>Name: -fhir-pseudonymizer</h3>
       </table>
     </div>
     
-    <h3>Name: -blaze</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -blaze</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -488,10 +474,10 @@ <h3>Name: -blaze</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-gateway-test-connection</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -504,6 +490,13 @@ <h3>Name: -fhir-gateway-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -511,14 +504,21 @@ <h3>Name: -fhir-gateway-test-connection</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -hapi-fhir-jpaserver</p>
+    <h3>Name: -blaze-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -blaze-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -531,20 +531,6 @@ <h3>Name: -hapi-fhir-jpaserver</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -556,10 +542,10 @@ <h3>Name: -hapi-fhir-jpaserver</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-gateway</h3>
+    <h3>Name: -fhir-pseudonymizer</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-gateway</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -583,10 +569,10 @@ <h3>Name: -fhir-gateway-gateway</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
+    <h3>Name: -ohdsi-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+      <p>Name: -ohdsi-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -599,6 +585,13 @@ <h3>Name: -vfps-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -606,14 +599,21 @@ <h3>Name: -vfps-test-connection</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -626,35 +626,35 @@ <h3>Name: -postgresql</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Non-root containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+    <h3>Name: -recruit-test-health-probes</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -recruit-test-health-probes</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -667,6 +667,13 @@ <h3>Name: -fhir-pseudonymizer</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -674,6 +681,13 @@ <h3>Name: -fhir-pseudonymizer</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
@@ -694,13 +708,6 @@ <h3>Name: -vfps</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -715,14 +722,21 @@ <h3>Name: -vfps</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -735,6 +749,13 @@ <h3>Name: -vfps</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -742,14 +763,21 @@ <h3>Name: -vfps</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -773,10 +801,10 @@ <h3>Name: -vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -fhir-gateway-loinc-converter</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Name: -fhir-gateway-loinc-converter</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -790,34 +818,20 @@ <h3>Name: -fhir-pseudonymizer</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -ohdsi-atlas</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -ohdsi-atlas</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -830,6 +844,13 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -837,14 +858,28 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Low</td>
+          <td class="resourceNameCell">Immutable container filesystem</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -datashield-test-connection</p>
+    <h3>Name: -ohdsi-webapi</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -ohdsi-webapi</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -857,6 +892,13 @@ <h3>Name: -datashield-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -864,14 +906,21 @@ <h3>Name: -datashield-test-connection</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -884,6 +933,13 @@ <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -891,14 +947,21 @@ <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+    <h3>Name: -datashield-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
+      <p>Name: -datashield-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -911,20 +974,6 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -936,10 +985,10 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-notify</h3>
+    <h3>Name: -blaze</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-notify</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -blaze</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -952,20 +1001,6 @@ <h3>Name: -recruit-notify</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -977,10 +1012,10 @@ <h3>Name: -recruit-notify</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-loinc-converter</h3>
+    <h3>Name: -datashield-rock</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-loinc-converter</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -datashield-rock</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1004,10 +1039,10 @@ <h3>Name: -fhir-gateway-loinc-converter</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-test-health-probes</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -recruit-test-health-probes</p>
+    <h3>Name: -hapi-fhir-jpaserver</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -hapi-fhir-jpaserver</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1020,18 +1055,11 @@ <h3>Name: -recruit-test-health-probes</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1041,14 +1069,21 @@ <h3>Name: -recruit-test-health-probes</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
+    <h3>Name: -fhir-gateway-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+      <p>Name: -fhir-gateway-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1061,20 +1096,6 @@ <h3>Name: -vfps-test-connection</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1086,10 +1107,10 @@ <h3>Name: -vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps</h3>
+    <h3>Name: -vfps</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -gateway-vfps</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1113,10 +1134,10 @@ <h3>Name: -gateway-vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -datashield-rock</h3>
+    <h3>Name: -vfps</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-rock</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1140,10 +1161,10 @@ <h3>Name: -datashield-rock</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-test-connection</h3>
+    <h3>Name: -vfps-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -gateway-vfps-test-connection</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1167,10 +1188,10 @@ <h3>Name: -gateway-vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -blaze-test-connection</h3>
+    <h3>Name: -mailhog</h3>
       <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -blaze-test-connection</p>
+      <p>Kind: ServiceAccount</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1185,9 +1206,9 @@ <h3>Name: -blaze-test-connection</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceNameCell">Automatic mapping of service account</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0034">C-0034</a></td>
+          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
         </tr>
         
         </tbody>
@@ -1210,13 +1231,6 @@ <h3>Name: -recruit-list</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -1231,6 +1245,13 @@ <h3>Name: -recruit-list</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Applications credentials in configuration files</td>
@@ -1242,10 +1263,10 @@ <h3>Name: -recruit-list</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-webapi</h3>
+    <h3>Name: -mailhog</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-webapi</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1258,13 +1279,6 @@ <h3>Name: -ohdsi-webapi</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -1279,14 +1293,21 @@ <h3>Name: -ohdsi-webapi</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -postgresql</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1301,19 +1322,33 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceNameCell">Non-root containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-atlas</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-atlas</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1326,27 +1361,6 @@ <h3>Name: -ohdsi-atlas</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">Low</td>
-          <td class="resourceNameCell">Immutable container filesystem</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1358,10 +1372,10 @@ <h3>Name: -ohdsi-atlas</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-postgres</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -recruit-postgres</p>
+    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1374,34 +1388,6 @@ <h3>Name: -recruit-postgres</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Non-root containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">Low</td>
-          <td class="resourceNameCell">Immutable container filesystem</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1413,10 +1399,10 @@ <h3>Name: -recruit-postgres</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1440,10 +1426,10 @@ <h3>Name: -vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -datashield-opal</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-opal</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1457,10 +1443,10 @@ <h3>Name: -datashield-opal</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Low</td>
-          <td class="resourceNameCell">Immutable container filesystem</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1470,14 +1456,21 @@ <h3>Name: -datashield-opal</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -gateway-vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -gateway-vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1501,10 +1494,10 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -ohdsi-test-connection</p>
+    <h3>Name: -recruit-postgres</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -recruit-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1518,17 +1511,17 @@ <h3>Name: -ohdsi-test-connection</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Non-root containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1538,14 +1531,28 @@ <h3>Name: -ohdsi-test-connection</h3>
           <td class="resourceRemediationCell"></td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Low</td>
+          <td class="resourceNameCell">Immutable container filesystem</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -gateway-vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -gateway-vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1558,20 +1565,6 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1583,10 +1576,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: ServiceAccount</p>
-      <p>Name: -mailhog</p>
+    <h3>Name: -datashield-opal</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -datashield-opal</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1601,9 +1594,16 @@ <h3>Name: -mailhog</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Automatic mapping of service account</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0034">C-0034</a></td>
-          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Low</td>
+          <td class="resourceNameCell">Immutable container filesystem</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p> </td>
         </tr>
         
         </tbody>