From d03760bd561fe8bff89ec2905c3491ded8f122a3 Mon Sep 17 00:00:00 2001
From: chgl <chgl@users.noreply.github.com>
Date: Tue, 17 Dec 2024 00:18:57 +0000
Subject: [PATCH] docs: updated kubescape reports

---
 kubescape-reports/cis-v1.23-t1.0.1.html | 676 ++++++++++++------------
 kubescape-reports/nsa.html              | 584 ++++++++++----------
 2 files changed, 630 insertions(+), 630 deletions(-)

diff --git a/kubescape-reports/cis-v1.23-t1.0.1.html b/kubescape-reports/cis-v1.23-t1.0.1.html
index ed2db7c2..12dd2eb3 100644
--- a/kubescape-reports/cis-v1.23-t1.0.1.html
+++ b/kubescape-reports/cis-v1.23-t1.0.1.html
@@ -320,10 +320,10 @@ <h2>Failed Resources:</h2>
     </br>
     
     
-    <h3>Name: -recruit-postgres</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -recruit-postgres</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -336,28 +336,21 @@ <h3>Name: -recruit-postgres</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-gateway-test-connection</p>
+    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -374,17 +367,24 @@ <h3>Name: -fhir-gateway-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -fhir-gateway-gateway</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Name: -fhir-gateway-gateway</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -397,13 +397,6 @@ <h3>Name: -vfps</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -411,6 +404,13 @@ <h3>Name: -vfps</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
@@ -442,10 +442,10 @@ <h3>Name: -postgresql</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -recruit-test-health-probes</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -recruit-test-health-probes</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -458,28 +458,48 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -postgresql</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
+        <tr>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
+        </tr>
+        </thead>
+        <tbody>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+        </tr>
+        
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -recruit-list</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-list</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -496,17 +516,17 @@ <h3>Name: -vfps-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-test-connection</h3>
+    <h3>Name: -vfps-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -gateway-vfps-test-connection</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -530,10 +550,10 @@ <h3>Name: -gateway-vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-postgres</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -ohdsi-postgres</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -546,6 +566,13 @@ <h3>Name: -ohdsi-postgres</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
@@ -557,10 +584,10 @@ <h3>Name: -ohdsi-postgres</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-query</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-query</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -574,27 +601,47 @@ <h3>Name: -recruit-query</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
+        <tr>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
         </tr>
+        </thead>
+        <tbody>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-loinc-converter</h3>
+    <h3>Name: -fhir-pseudonymizer</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-loinc-converter</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -618,10 +665,10 @@ <h3>Name: -fhir-gateway-loinc-converter</h3>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: ServiceAccount</p>
-      <p>Name: -mailhog</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -634,21 +681,28 @@ <h3>Name: -mailhog</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.1.6 Ensure that Service Account Tokens are only mounted where necessary</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0190">C-0190</a></td>
-          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -ohdsi-atlas</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -ohdsi-atlas</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -662,20 +716,20 @@ <h3>Name: -postgresql</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
+    <h3>Name: -hapi-fhir-jpaserver</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -hapi-fhir-jpaserver</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -692,17 +746,24 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[2].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+    <h3>Name: -datashield-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+      <p>Name: -datashield-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -726,10 +787,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -ohdsi-postgres</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -ohdsi-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -743,20 +804,20 @@ <h3>Name: -fhir-pseudonymizer</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -blaze</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -blaze</p>
+    <h3>Name: -gateway-vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -gateway-vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -773,7 +834,7 @@ <h3>Name: -blaze</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
@@ -807,10 +868,10 @@ <h3>Name: -blaze-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-notify</h3>
+    <h3>Name: -ohdsi-webapi</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -recruit-notify</p>
+      <p>Name: -ohdsi-webapi</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -823,13 +884,6 @@ <h3>Name: -recruit-notify</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[7].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -837,14 +891,21 @@ <h3>Name: -recruit-notify</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
-        </tbody>
-      </table>
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[14].name</p>  <p>spec.template.spec.containers[0].env[4].name</p> </td>
+        </tr>
+        
+        </tbody>
+      </table>
     </div>
     
-    <h3>Name: -vfps-postgres</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -vfps-postgres</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -857,21 +918,28 @@ <h3>Name: -vfps-postgres</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-opal</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-opal</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -884,28 +952,21 @@ <h3>Name: -datashield-opal</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[12].name</p>  <p>spec.template.spec.containers[2].env[16].name</p>  <p>spec.template.spec.containers[2].env[1].name</p>  <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -recruit-query</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Name: -recruit-query</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -925,14 +986,21 @@ <h3>Name: -fhir-pseudonymizer</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -datashield-rock</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Name: -datashield-rock</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -945,28 +1013,28 @@ <h3>Name: -postgresql</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -postgresql</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -980,20 +1048,20 @@ <h3>Name: -vfps-test-connection</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -fhir-pseudonymizer</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1006,13 +1074,6 @@ <h3>Name: -vfps</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -1024,10 +1085,10 @@ <h3>Name: -vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -ohdsi-test-connection</p>
+    <h3>Name: -fhir-gateway-loinc-converter</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-gateway-loinc-converter</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1044,17 +1105,17 @@ <h3>Name: -ohdsi-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1067,6 +1128,13 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
@@ -1074,21 +1142,14 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
-        </tr>
-        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-gateway</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-gateway</p>
+    <h3>Name: -mailhog</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: ServiceAccount</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1103,26 +1164,19 @@ <h3>Name: -fhir-gateway-gateway</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceNameCell">CIS-5.1.6 Ensure that Service Account Tokens are only mounted where necessary</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0190">C-0190</a></td>
+          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-webapi</h3>
+    <h3>Name: -recruit-notify</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-webapi</p>
+      <p>Name: -recruit-notify</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1135,13 +1189,6 @@ <h3>Name: -ohdsi-webapi</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[14].name</p>  <p>spec.template.spec.containers[0].env[4].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -1149,14 +1196,21 @@ <h3>Name: -ohdsi-webapi</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[7].name</p> </td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -mailhog</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1173,17 +1227,17 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -blaze</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Name: -blaze</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1197,20 +1251,20 @@ <h3>Name: -postgresql</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-rock</h3>
+    <h3>Name: -gateway-vfps</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-rock</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -gateway-vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1223,18 +1277,18 @@ <h3>Name: -datashield-rock</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
@@ -1268,10 +1322,10 @@ <h3>Name: -postgresql</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
+    <h3>Name: -ohdsi-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -ohdsi-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1284,28 +1338,21 @@ <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-atlas</h3>
+    <h3>Name: -vfps</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-atlas</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1322,17 +1369,24 @@ <h3>Name: -ohdsi-atlas</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -recruit-list</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-list</p>
+    <h3>Name: -fhir-gateway-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-gateway-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1349,7 +1403,7 @@ <h3>Name: -recruit-list</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
@@ -1383,10 +1437,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1400,20 +1454,20 @@ <h3>Name: -fhir-pseudonymizer</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -recruit-test-health-probes</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -recruit-test-health-probes</p>
+    <h3>Name: -recruit-postgres</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -recruit-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1430,17 +1484,24 @@ <h3>Name: -recruit-test-health-probes</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[4].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -hapi-fhir-jpaserver</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1453,28 +1514,28 @@ <h3>Name: -hapi-fhir-jpaserver</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[2].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1491,17 +1552,17 @@ <h3>Name: -vfps-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1514,28 +1575,21 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -vfps-postgres</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Name: -vfps-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1575,13 +1629,6 @@ <h3>Name: -vfps</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
@@ -1589,53 +1636,6 @@ <h3>Name: -vfps</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
         </tr>
         
-        </tbody>
-      </table>
-    </div>
-    
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -mailhog</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
-        <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
-        </tr>
-        </thead>
-        <tbody>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
-        </tr>
-        
-        </tbody>
-      </table>
-    </div>
-    
-    <h3>Name: -gateway-vfps</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -gateway-vfps</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
-        <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
-        </tr>
-        </thead>
-        <tbody>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
@@ -1643,21 +1643,14 @@ <h3>Name: -gateway-vfps</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[3].name</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroup=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
-        </tr>
-        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -datashield-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -datashield-test-connection</p>
+    <h3>Name: -datashield-opal</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -datashield-opal</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1674,7 +1667,14 @@ <h3>Name: -datashield-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">CIS-5.7.3 Apply Security Context to Your Pods and Containers</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0211">C-0211</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p>  <p>spec.template.spec.containers[0].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[1].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.containers[2].securityContext.seLinuxOptions=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.fsGroupChangePolicy=Always</p>  <p>spec.template.spec.securityContext.sysctls.name=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.sysctls.value=YOUR_VALUE</p>  <p>spec.template.spec.securityContext.supplementalGroups=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">CIS-5.4.1 Prefer using secrets as files over secrets as environment variables</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0207">C-0207</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].env[12].name</p>  <p>spec.template.spec.containers[2].env[16].name</p>  <p>spec.template.spec.containers[2].env[1].name</p>  <p>spec.template.spec.containers[2].env[4].name</p>  <p>spec.template.spec.containers[2].env[6].name</p>  <p>spec.template.spec.containers[2].env[8].name</p> </td>
         </tr>
         
         </tbody>
diff --git a/kubescape-reports/nsa.html b/kubescape-reports/nsa.html
index 13c8f8d4..c1d2ab0f 100644
--- a/kubescape-reports/nsa.html
+++ b/kubescape-reports/nsa.html
@@ -284,10 +284,10 @@ <h2>Failed Resources:</h2>
     </br>
     
     
-    <h3>Name: -ohdsi-atlas</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-atlas</p>
+    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -301,25 +301,31 @@ <h3>Name: -ohdsi-atlas</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
         </tr>
         
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
         <tr>
-          <td class="resourceSeverityCell">Low</td>
-          <td class="resourceNameCell">Immutable container filesystem</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
         </tr>
+        </thead>
+        <tbody>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
@@ -332,10 +338,10 @@ <h3>Name: -ohdsi-atlas</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-test-connection</h3>
+    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -gateway-vfps-test-connection</p>
+      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -348,6 +354,20 @@ <h3>Name: -gateway-vfps-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -359,10 +379,10 @@ <h3>Name: -gateway-vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -datashield-opal</h3>
+    <h3>Name: -recruit-postgres</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: StatefulSet</p>
-      <p>Name: -datashield-opal</p>
+      <p>Name: -recruit-postgres</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -375,11 +395,32 @@ <h3>Name: -datashield-opal</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Non-root containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Low</td>
           <td class="resourceNameCell">Immutable container filesystem</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -393,10 +434,10 @@ <h3>Name: -datashield-opal</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+    <h3>Name: -vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -413,14 +454,14 @@ <h3>Name: -vfps</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure CPU limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -475,10 +516,10 @@ <h3>Name: -hapi-fhir-jpaserver</h3>
       </table>
     </div>
     
-    <h3>Name: -blaze-test-connection</h3>
+    <h3>Name: -vfps-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -blaze-test-connection</p>
+      <p>Name: -vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -502,10 +543,10 @@ <h3>Name: -blaze-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
+    <h3>Name: -datashield-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -hapi-fhir-jpaserver-test-endpoints</p>
+      <p>Name: -datashield-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -518,20 +559,6 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -543,10 +570,10 @@ <h3>Name: -hapi-fhir-jpaserver-test-endpoints</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -mailhog</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -584,10 +611,10 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-query</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-query</p>
+    <h3>Name: -fhir-gateway-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-gateway-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -600,20 +627,6 @@ <h3>Name: -recruit-query</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -625,10 +638,10 @@ <h3>Name: -recruit-query</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-postgres</h3>
+    <h3>Name: -recruit-notify</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -recruit-postgres</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-notify</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -648,13 +661,6 @@ <h3>Name: -recruit-postgres</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Non-root containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -662,13 +668,6 @@ <h3>Name: -recruit-postgres</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">Low</td>
-          <td class="resourceNameCell">Immutable container filesystem</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -707,10 +706,10 @@ <h3>Name: -datashield-rock</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -gateway-vfps-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -gateway-vfps-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -734,10 +733,10 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-gateway</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-gateway</p>
+    <h3>Name: -ohdsi-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -ohdsi-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -751,31 +750,18 @@ <h3>Name: -fhir-gateway-gateway</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
-        </tbody>
-      </table>
-    </div>
-    
-    <h3>Name: -gateway-vfps</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -gateway-vfps</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
         <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
-        </thead>
-        <tbody>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
@@ -788,10 +774,10 @@ <h3>Name: -gateway-vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -blaze</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -blaze</p>
+    <h3>Name: -recruit-test-health-probes</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -recruit-test-health-probes</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -805,31 +791,18 @@ <h3>Name: -blaze</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
-        </tbody>
-      </table>
-    </div>
-    
-    <h3>Name: -datashield-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -datashield-test-connection</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
         <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
-        </thead>
-        <tbody>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
@@ -842,10 +815,10 @@ <h3>Name: -datashield-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps</h3>
+    <h3>Name: -ohdsi-atlas</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -vfps</p>
+      <p>Name: -ohdsi-atlas</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -859,31 +832,11 @@ <h3>Name: -vfps</h3>
         <tbody>
         
         <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
-        </tr>
-        
-        </tbody>
-      </table>
-    </div>
-    
-    <h3>Name: -recruit-list</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -recruit-list</p>
-      <p>Namespace: </p>
-      <table>
-        <thead>
-        <tr>
-          <th class="resourceSeverityCell">Severity</th>
-          <th class="resourceNameCell">Name</th>
-          <th class="resourceURLCell">Docs</th>
-          <th class="resourceRemediationCell">Assisted Remediation</th>
+          <td class="resourceSeverityCell">Low</td>
+          <td class="resourceNameCell">Immutable container filesystem</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.readOnlyRootFilesystem=true</p> </td>
         </tr>
-        </thead>
-        <tbody>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
@@ -899,13 +852,6 @@ <h3>Name: -recruit-list</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Applications credentials in configuration files</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0012">C-0012</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[1].name</p>  <p>spec.template.spec.containers[0].env[1].value</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -917,10 +863,10 @@ <h3>Name: -recruit-list</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-loinc-converter</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-gateway-loinc-converter</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -944,10 +890,10 @@ <h3>Name: -fhir-gateway-loinc-converter</h3>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: ServiceAccount</p>
-      <p>Name: -mailhog</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -962,19 +908,19 @@ <h3>Name: -mailhog</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Automatic mapping of service account</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0034">C-0034</a></td>
-          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-gateway-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-gateway-test-connection</p>
+    <h3>Name: -fhir-pseudonymizer</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -998,10 +944,10 @@ <h3>Name: -fhir-gateway-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1025,10 +971,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -blaze</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -blaze</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1052,10 +998,10 @@ <h3>Name: -fhir-pseudonymizer</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-notify</h3>
+    <h3>Name: -fhir-gateway-loinc-converter</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -recruit-notify</p>
+      <p>Name: -fhir-gateway-loinc-converter</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1068,20 +1014,6 @@ <h3>Name: -recruit-notify</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1093,10 +1025,10 @@ <h3>Name: -recruit-notify</h3>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-webapi</h3>
+    <h3>Name: -postgresql</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -ohdsi-webapi</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -postgresql</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1109,6 +1041,13 @@ <h3>Name: -ohdsi-webapi</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Non-root containers</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure CPU limits are set</td>
@@ -1123,21 +1062,14 @@ <h3>Name: -ohdsi-webapi</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
-        </tr>
-        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -ohdsi-test-connection</h3>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -ohdsi-test-connection</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1150,20 +1082,6 @@ <h3>Name: -ohdsi-test-connection</h3>
         </thead>
         <tbody>
         
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure CPU limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
-        </tr>
-        
-        <tr>
-          <td class="resourceSeverityCell">High</td>
-          <td class="resourceNameCell">Ensure memory limits are set</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1175,10 +1093,10 @@ <h3>Name: -ohdsi-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
+    <h3>Name: -fhir-gateway-gateway</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+      <p>Name: -fhir-gateway-gateway</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1229,10 +1147,10 @@ <h3>Name: -vfps</h3>
       </table>
     </div>
     
-    <h3>Name: -postgresql</h3>
+    <h3>Name: -fhir-pseudonymizer</h3>
       <p>ApiVersion: apps/v1</p>
-      <p>Kind: StatefulSet</p>
-      <p>Name: -postgresql</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -fhir-pseudonymizer</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1252,13 +1170,6 @@ <h3>Name: -postgresql</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
-        <tr>
-          <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Non-root containers</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0013">C-0013</a></td>
-          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].securityContext.runAsGroup=1000</p> </td>
-        </tr>
-        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
@@ -1266,14 +1177,21 @@ <h3>Name: -postgresql</h3>
           <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
+        </tr>
+        
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -vfps</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1290,14 +1208,14 @@ <h3>Name: -vfps-test-connection</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure CPU limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1311,10 +1229,10 @@ <h3>Name: -vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer</h3>
-      <p>ApiVersion: apps/v1</p>
-      <p>Kind: Deployment</p>
-      <p>Name: -fhir-pseudonymizer</p>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1352,10 +1270,10 @@ <h3>Name: -fhir-pseudonymizer</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
+    <h3>Name: -mailhog</h3>
       <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+      <p>Kind: ServiceAccount</p>
+      <p>Name: -mailhog</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1370,19 +1288,19 @@ <h3>Name: -vfps-test-connection</h3>
         
         <tr>
           <td class="resourceSeverityCell">Medium</td>
-          <td class="resourceNameCell">Ingress and Egress blocked</td>
-          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
-          <td class="resourceRemediationCell"></td>
+          <td class="resourceNameCell">Automatic mapping of service account</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0034">C-0034</a></td>
+          <td class="resourceRemediationCell"> <p>automountServiceAccountToken=false</p> </td>
         </tr>
         
         </tbody>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+    <h3>Name: -recruit-list</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -recruit-list</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1395,18 +1313,25 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Applications credentials in configuration files</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0012">C-0012</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].env[1].name</p>  <p>spec.template.spec.containers[0].env[1].value</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure CPU limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1420,10 +1345,64 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -recruit-test-health-probes</h3>
+    <h3>Name: -vfps-migrations-v1-3-5</h3>
+      <p>ApiVersion: batch/v1</p>
+      <p>Kind: Job</p>
+      <p>Name: -vfps-migrations-v1-3-5</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
+        <tr>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
+        </tr>
+        </thead>
+        <tbody>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
+        </tr>
+        
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -gateway-vfps</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -gateway-vfps</p>
+      <p>Namespace: </p>
+      <table>
+        <thead>
+        <tr>
+          <th class="resourceSeverityCell">Severity</th>
+          <th class="resourceNameCell">Name</th>
+          <th class="resourceURLCell">Docs</th>
+          <th class="resourceRemediationCell">Assisted Remediation</th>
+        </tr>
+        </thead>
+        <tbody>
+        
+        <tr>
+          <td class="resourceSeverityCell">Medium</td>
+          <td class="resourceNameCell">Ingress and Egress blocked</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0030">C-0030</a></td>
+          <td class="resourceRemediationCell"></td>
+        </tr>
+        
+        </tbody>
+      </table>
+    </div>
+    
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -recruit-test-health-probes</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1440,14 +1419,14 @@ <h3>Name: -recruit-test-health-probes</h3>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure CPU limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.cpu=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
           <td class="resourceSeverityCell">High</td>
           <td class="resourceNameCell">Ensure memory limits are set</td>
           <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
-          <td class="resourceRemediationCell"> <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[2].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p> </td>
+          <td class="resourceRemediationCell"> <p>spec.containers[1].resources.limits.memory=YOUR_VALUE</p>  <p>spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
         </tr>
         
         <tr>
@@ -1461,10 +1440,10 @@ <h3>Name: -recruit-test-health-probes</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -vfps-migrations-v1-3-5</p>
+    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+      <p>ApiVersion: v1</p>
+      <p>Kind: Pod</p>
+      <p>Name: -fhir-pseudonymizer-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1488,10 +1467,10 @@ <h3>Name: -vfps-migrations-v1-3-5</h3>
       </table>
     </div>
     
-    <h3>Name: -mailhog</h3>
+    <h3>Name: -recruit-query</h3>
       <p>ApiVersion: apps/v1</p>
       <p>Kind: Deployment</p>
-      <p>Name: -mailhog</p>
+      <p>Name: -recruit-query</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1529,10 +1508,10 @@ <h3>Name: -mailhog</h3>
       </table>
     </div>
     
-    <h3>Name: -fhir-pseudonymizer-test-connection</h3>
+    <h3>Name: -blaze-test-connection</h3>
       <p>ApiVersion: v1</p>
       <p>Kind: Pod</p>
-      <p>Name: -fhir-pseudonymizer-test-connection</p>
+      <p>Name: -blaze-test-connection</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1556,10 +1535,10 @@ <h3>Name: -fhir-pseudonymizer-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -vfps-test-connection</h3>
-      <p>ApiVersion: v1</p>
-      <p>Kind: Pod</p>
-      <p>Name: -vfps-test-connection</p>
+    <h3>Name: -ohdsi-webapi</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: Deployment</p>
+      <p>Name: -ohdsi-webapi</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1572,6 +1551,20 @@ <h3>Name: -vfps-test-connection</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure CPU limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0270">C-0270</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.cpu=YOUR_VALUE</p> </td>
+        </tr>
+        
+        <tr>
+          <td class="resourceSeverityCell">High</td>
+          <td class="resourceNameCell">Ensure memory limits are set</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0271">C-0271</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[0].resources.limits.memory=YOUR_VALUE</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>
@@ -1583,10 +1576,10 @@ <h3>Name: -vfps-test-connection</h3>
       </table>
     </div>
     
-    <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
-      <p>ApiVersion: batch/v1</p>
-      <p>Kind: Job</p>
-      <p>Name: -gateway-vfps-migrations-v1-3-5</p>
+    <h3>Name: -datashield-opal</h3>
+      <p>ApiVersion: apps/v1</p>
+      <p>Kind: StatefulSet</p>
+      <p>Name: -datashield-opal</p>
       <p>Namespace: </p>
       <table>
         <thead>
@@ -1599,6 +1592,13 @@ <h3>Name: -gateway-vfps-migrations-v1-3-5</h3>
         </thead>
         <tbody>
         
+        <tr>
+          <td class="resourceSeverityCell">Low</td>
+          <td class="resourceNameCell">Immutable container filesystem</td>
+          <td class="resourceURLCell"><a href="https://hub.armosec.io/docs/c-0017">C-0017</a></td>
+          <td class="resourceRemediationCell"> <p>spec.template.spec.containers[2].securityContext.readOnlyRootFilesystem=true</p> </td>
+        </tr>
+        
         <tr>
           <td class="resourceSeverityCell">Medium</td>
           <td class="resourceNameCell">Ingress and Egress blocked</td>