khviyer/vulnerability-Analyzer

Vulnerability Analyzer Agent

AI-powered vulnerability analysis agent that queries security findings and enriches results with CISA KEV, exploit intelligence, and remediation recommendations.

Features

  • CVE Analysis: Enter any CVE ID to get comprehensive vulnerability reports
  • Wiz Integration: Simulated Wiz security platform findings with 250+ dummy CVEs
  • CISA KEV Lookup: Check if vulnerabilities are in CISA's Known Exploited Vulnerabilities catalog
  • Threat Intelligence: External exploit data, EPSS scores, and risk summaries
  • Remediation Guidance: Actionable recommendations for each vulnerability
  • Async UI: Non-blocking interface that remains responsive during searches
  • Tenable API Placeholder: Ready for future Tenable.io integration

Quick Start

Option 1: Run Demo Script (Recommended)

./run-demo.sh

This script will:

  • Start a local web server on port 8000
  • Automatically open your browser to http://localhost:8000
  • Display server status in the terminal

Option 2: Manual Start

# Start Python HTTP server
python3 -m http.server 8000

# Open browser to http://localhost:8000

Dependencies

No package dependencies to install. This is a static HTML/JS/CSS application that runs entirely in the browser.

Required:

  • Python 3 (for HTTP server)
  • Modern web browser (Chrome, Firefox, Safari, Edge)

Project Structure

Vulnerability Analyzer/
├── index.html          # Main application UI
├── app.js              # Application logic and event handlers
├── mockData.js         # 250+ dummy CVE findings and external intel
├── styles.css          # Application styling
├── run-demo.sh         # Demo startup script
└── README.md           # This file

Available CVEs for Testing

The application includes 250+ pre-populated CVEs for testing:

Featured CVEs (clickable in sidebar):

  • CVE-2021-44228 (Log4Shell)
  • CVE-2024-3400 (PAN-OS)
  • CVE-2023-4966 (Citrix Bleed)
  • CVE-2023-23397 (Outlook)
  • CVE-2023-44487 (HTTP/2)
  • CVE-2024-21762 (FortiOS)
  • CVE-2022-30190 (Follina)
  • CVE-2020-1472 (Zerologon)
  • CVE-2021-34527 (PrintNightmare)
  • CVE-2022-22965 (Spring4Shell)
  • CVE-2019-0708 (BlueKeep)
  • CVE-2023-29300 (ColdFusion)

Plus 240+ additional generated CVEs with varied:

  • Severity levels (Critical, High, Medium, Low)
  • Cloud providers (AWS, Azure, GCP)
  • Asset types (VMs, Containers, Kubernetes, etc.)
  • Exposure levels (Internet, Internal)
  • Exploit status and CISA KEV data

Usage

  1. Start the application: Run ./run-demo.sh
  2. Enter a CVE ID: Type a CVE in the search box or click a sample CVE from the sidebar
  3. View analysis: The app will display:
    • Wiz security findings (if found in your environment)
    • External threat intelligence
    • CISA KEV status
    • Risk priority and remediation recommendations

Future Integration

Wiz API

When ready to integrate with Wiz:

  1. Add your Wiz API credentials
  2. Replace mock data lookups with actual Wiz API calls
  3. Update the analyzeCVE() function in app.js

Tenable API

A placeholder structure is already in place in mockData.js. To integrate:

  1. Set TENABLE_INTEGRATION.enabled = true
  2. Add your Tenable API credentials
  3. Implement the queryTenableVulnerability() function
  4. Add Tenable lookup alongside Wiz in analyzeCVE()
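
One way the four Tenable steps above could fit together, as an added example that is not the repository's code. Only the names TENABLE_INTEGRATION.enabled, queryTenableVulnerability() and analyzeCVE() come from this README; the finding shape, the sample data, proxyUrl, queryWiz(), normalizeCveId() and mergeFindings() are assumptions. It also assumes the API credentials sit behind a server-side proxy, because anything shipped in a static browser app is readable by whoever loads the page.

```javascript
// Added example. Names from the README: TENABLE_INTEGRATION.enabled,
// queryTenableVulnerability(), analyzeCVE(). Everything else is hypothetical.
const TENABLE_INTEGRATION = { enabled: true, proxyUrl: '/api/tenable' }; // proxyUrl assumed

// Constructed sample findings standing in for mockData.js and a Tenable response.
const WIZ_SAMPLE = { 'CVE-2021-44228': [{ asset: 'vm-web-01', exposure: 'Internal' }] };
const TENABLE_SAMPLE = { 'CVE-2021-44228': [
  { asset: 'vm-web-01', exposure: 'Internet' }, { asset: 'k8s-node-3', exposure: 'Internal' }] };

// Validate the ID before it reaches a URL, a query or the DOM.
function normalizeCveId(input) {
  const id = String(input).trim().toUpperCase();
  if (!/^CVE-\d{4}-\d{4,}$/.test(id)) throw new Error('invalid CVE ID');
  return id;
}

// Merge per-source findings by asset; on disagreement keep the worst-case exposure.
function mergeFindings(bySource) {
  const merged = new Map();
  for (const [source, findings] of Object.entries(bySource)) {
    for (const f of findings) {
      const prev = merged.get(f.asset) || { asset: f.asset, exposure: 'Internal', sources: [] };
      const exposure = [prev.exposure, f.exposure].includes('Internet') ? 'Internet' : 'Internal';
      merged.set(f.asset, { asset: f.asset, exposure, sources: [...prev.sources, source] });
    }
  }
  return [...merged.values()];
}

async function queryWiz(cveId) { return WIZ_SAMPLE[cveId] || []; }
async function queryTenableVulnerability(cveId) {
  if (!TENABLE_INTEGRATION.enabled) return [];
  // A real version would fetch() the proxy here; keys stay server-side, never in browser JS.
  return TENABLE_SAMPLE[cveId] || [];
}

async function analyzeCVE(input) {
  const cveId = normalizeCveId(input);
  const names = ['wiz', 'tenable'];
  // allSettled: one scanner failing must not hide the other's findings.
  const settled = await Promise.allSettled([queryWiz(cveId), queryTenableVulnerability(cveId)]);
  const bySource = {}, failed = [];
  settled.forEach((r, i) => {
    if (r.status === 'fulfilled') bySource[names[i]] = r.value;
    else failed.push(names[i]);
  });
  return { cveId, findings: mergeFindings(bySource), failed };
}
```

The `failed` list lets the UI say which source did not answer instead of silently reporting "no findings".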

Troubleshooting

Port 8000 already in use:

# Kill existing process
lsof -ti:8000 | xargs kill -9
# Then run the demo script again
./run-demo.sh

Browser doesn't open automatically:

UI freezes during search:

  • The app uses async/await with requestAnimationFrame
  • If issues persist, check browser console for errors

Demo Tips

  • Use the sidebar sample CVEs for quick testing
  • Try different severity levels to see varied risk priorities
  • Test CVEs with and without Wiz findings to see different flows
  • Use the "New chat" button to clear conversation history
  • Toggle the sidebar using the hamburger menu icon in the top bar

License

Internal use for POC and demonstration purposes.
