Important

• This project is under active development
• New features, such as the ability to edit team members and asset groups, will be implemented soon
• Contributions and suggestions are welcome!

Unified Vulnerability Management Platform

An interactive web application built with Streamlit for fetching, analyzing, and managing vulnerability data from the NIST National Vulnerability Database (NVD ).

Overview

This platform provides a centralized, all-in-one solution for security professionals and development teams to stay on top of the latest CVEs. It integrates data fetching, interactive dashboards, remediation tracking, and asset-based analysis into a single, easy-to-use tool, eliminating the need for multiple scripts and spreadsheets.

Key Features

• Direct NVD Integration: Fetches the latest CVE data directly from the NVD API with a progress bar and status updates.
• Interactive Dashboard: Visualizes vulnerability data with charts for severity distribution and historical trends.
• Advanced Filtering & Searching: Easily search and filter through thousands of CVEs by severity, CVSS score, or keyword in the description.
• Remediation Tracking: Add vulnerabilities to a remediation queue, assign them to team members, and track their status from "New" to "Resolved."
• Team Management: Create and manage teams to streamline the assignment of remediation tasks.
• Asset-Based Analysis: Group software or hardware assets (e.g., "Apache," "MySQL") to quickly see all vulnerabilities that affect them.
• Reporting & Analytics: Monitor team performance and review a log of all recent activities within the platform.

Technical Stack

• Language: Python
• Framework: Streamlit
• Core Libraries: Pandas, Plotly, Requests

Getting Started

Prerequisites

• Python 3.8+
• An NVD API Key (freely available from the NIST NVD website)

Installation & Setup

1. Clone the repository:

   git clone https://github.com/ThiagoMaria-SecurityIT/vulnerability-management-platform.git
   cd vulnerability-management-platform

2. Install the required dependencies:

   pip install -r requirements.txt

3. Run the application:

   streamlit run app.py

Usage

1. Once the application is running, it will open in your web browser.
2. On the sidebar, enter your NVD API Key.
3. Click the "Fetch/Update NVD Data" button to download the latest vulnerability database. This may take a few minutes.
4. Once the data is loaded, all features of the platform will be available.

Future Roadmap (To-Do)

• Edit Functionality: Implement editing for Team Members and Asset Groups.
• Data Persistence: Save remediation and team data to a local database (e.g., SQLite) so it persists between sessions.
• User Authentication: Add a login system to support multiple users.
• Automated Reporting: Generate and export PDF and .csv summary reports.
• Dockerization: Create a Dockerfile for easy deployment. <- Not confirmed

License

This project is licensed under the MIT License. See the LICENSE file for details.

About Me

Thiago Maria - From Brazil to the World 🌎
Senior Security Information Professional | Passionate Programmer | AI Developer

With a professional background in security analysis and a deep passion for programming, I created this Github acc to share some knowledge about security information, cybersecurity, Python and AI development practices. Most of my work here focuses on implementing security-first at companies while maintaining usability and productivity.

Let's Connect:

👇🏽 Click on the badges below:

Ways to Contribute:

Want to see more upgrades? Help me keep it updated!