Feature

Vulnerability Management

Find, score, and close exposures

Available inbasicproenterprise

Findings from every scan pass are normalized into a single, prioritized queue. Each finding is scored using a composite model that weighs CVSS base severity, EPSS exploitability probability, and CISA KEV membership. You see the handful of findings that matter most, not an undifferentiated list of thousands.

Key capabilities

  • Composite risk score merges CVSS, EPSS, and KEV data into one actionable number
  • Findings are deduplicated across scan runs — one record per exposure, not one per scan
  • Asset criticality tag multiplies the base score so a finding on a revenue-critical host rises above the same finding on a test server
  • Status lifecycle tracks each finding through open, acknowledged, remediated, and accepted-risk states
  • Remediation evidence attached directly to the finding record closes the audit loop
  • SLA clock starts when a finding is opened; dashboard surfaces any overdue items by severity band

How it works

01

Scan workers emit raw findings in a normalized format regardless of which underlying tool produced them. A deduplication pass uses a stable fingerprint — tool, host, port, and vulnerability class — to collapse repeated detections into a single finding record. The record's first-seen and last-seen timestamps are maintained independently.

02

Scoring runs after deduplication. The base CVSS score is fetched from NVD. EPSS scores and KEV membership are updated from CISA feeds on a daily schedule. The composite score is a weighted function of these inputs, multiplied by the asset's criticality multiplier (1.0 for standard, 1.5 for high, 2.0 for critical). Scores are recomputed whenever any input changes.

03

When a finding's composite score crosses a configured threshold, an event is emitted to the notification bus. Integrations (Jira, Slack, Linear) receive structured payloads containing the finding detail, remediation guidance, and a deep link back to the SICenter console. Ticket references are stored on the finding record so status syncs are bidirectional.

Related capabilities

Asset Discovery

Continuous external attack-surface mapping

Learn more

Integrations

Slack, Jira, Linear, ServiceNow, signed webhooks

Learn more

Threat Intelligence

KEV + EPSS + CVE-aware scoring

Learn more
Get started

Ready? See how scoring works.

No credit card required. Start free, upgrade when you need more.

Start freeSee pricing