diff --git a/findings/insecure-db.tf b/findings/insecure-db.tf
new file mode 100644
index 0000000..038e20c
--- /dev/null
+++ b/findings/insecure-db.tf
@@ -0,0 +1,12 @@
+resource "aws_db_instance" "default" {
+  allocated_storage    = 10
+  engine               = "mysql"
+  engine_version       = "5.7"
+  instance_class       = "db.t3.micro"
+  name                 = "mydb"
+  username             = "foo"
+  password             = "foobarbaz"
+  parameter_group_name = "default.mysql5.7"
+  skip_final_snapshot  = true
+  publicly_accessible = true
+}