diff --git a/Netgrimoire/Audits/journiv-2026-05-04.md b/Netgrimoire/Audits/journiv-2026-05-04.md
new file mode 100644
index 0000000..e3f7bab
--- /dev/null
+++ b/Netgrimoire/Audits/journiv-2026-05-04.md
@@ -0,0 +1,25 @@
+---
+title: Audit - journiv.yaml
+description: Gremlin audit report 2026-05-04
+published: true
+date: 2026-05-04T11:19:00.124Z
+tags: gremlin,audit
+editor: markdown
+dateCreated: 2026-05-04T11:19:00.124Z
+---
+
+# Audit Report — journiv.yaml
+
+**Date:** 2026-05-04  
+**File:** swarm/journiv.yaml  
+**Type:** Docker Compose  
+**Verdict:** FAIL
+
+---
+
+PASS Caddyfile configured for admin access on port 2019.
+FAIL No explicit entries in the Caddyfile for services exposing ports. Review swarm/journiv.yaml for any service definitions that expose ports and ensure they are correctly referenced in the Caddyfile.
+FAIL There are default passwords used in the configuration, especially for Crowdsec. Replace default passwords with secure ones immediately.
+FAIL Some services are running in privileged mode. Verify if these privileges are necessary and reduce them to the minimum required for security.
+PASS No obvious unnecessary forwarded headers in the Caddyfile.
+VERDICT: FAIL
\ No newline at end of file