Detect exploit-active vulnerability surges, correlate them to internal exposure, and route owner-ready actions.

```bash
npm install
npm test
npm pack
```

Run from package/local source:

```bash
node src/cli.js run --fixtures fixtures       # markdown + table + webhook + metrics
node src/cli.js table --fixtures fixtures     # dashboard table view
node src/cli.js security-check                # security checklist automation
```

- KEV + advisory adapters
- Canonical schema validator
- CVE-to-asset correlator
- Urgency scoring v1 (P1/P2/P3)
- Markdown digest + webhook payload
- Fixture-based threshold tests
- Incremental sync checkpoints for feed adapters
- Confidence weighting for non-KEV signals
- Scoring explanation block per finding
- Owner grouping + dedup improvements
- Retry/backoff for adapter load failures
- Notification audit log
- Baseline metrics export
- Regression tests for scoring boundaries
- Configurable severity thresholds per environment (`fixtures/config.json`)
- Rule-based suppressions with time bounds (`fixtures/suppressions.json`)
- Basic dashboard export table (`cli table`)
- Packaging/install docs (`npm pack` path)
- Security review checklist automation (`cli security-check`)
- Performance tuning via CVE→asset pre-index in correlator