About this project
Grafana-based vulnerability management dashboard that ingests Tenable scan data and surfaces asset risk scores, patch velocity, SLA compliance, and trend analysis across the enterprise asset estate.
Background
Vulnerability management without measurement is remediation theatre. You can run Tenable scans and generate a list of findings, but without tracking patch velocity, SLA compliance, and trend direction over time, you don't actually know if your security posture is improving. The dashboard was built to answer that question continuously rather than at point-in-time report intervals.
The Tenable.io API exposes rich scan data but in a format that requires normalisation before it's useful for aggregated analysis. The Python ingestion pipeline pulls scan results, normalises them against the asset inventory, computes composite risk scores (CVSS adjusted for asset criticality and exposure), and stores them in PostgreSQL. Grafana queries that store for the dashboard panels, which means the visualisation layer is separate from the data layer and can be modified independently.
The SLA compliance tracking was the feature that had the most operational impact. When you can show that 23% of critical vulnerabilities are past their 7-day remediation SLA by name, owner, and days overdue, it changes the conversation with teams responsible for patching. The executive summary panel translates that detail into board-level risk language — trend direction, outstanding critical count, and compliance rate over the past quarter.
Highlights
- Tenable.io API ingestion pipeline normalising vulnerability data into PostgreSQL
- Asset risk scoring — composite CVSS, asset criticality, and exposure weighting
- SLA compliance tracking: critical ≤7 days, high ≤30 days, with breach alerting
- Patch velocity trending — remediation rate vs. new vulnerability discovery rate
- Executive summary panel for board-level risk reporting
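
The SLA tracking described under Background, sketched as an added example (not the project's own code): it lists open findings past the critical ≤7 day and high ≤30 day windows by name, owner and days overdue. The `Finding` fields, the sample rows and the choice to compute the rate over open findings only are assumptions.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# SLA windows in days, taken from this page; other severities carry no SLA here.
SLA_DAYS = {"critical": 7, "high": 30}

@dataclass
class Finding:  # hypothetical normalised row, not the Tenable.io schema
    name: str
    owner: str
    severity: str
    first_seen: date
    fixed_on: Optional[date] = None  # None while the finding is still open

def days_overdue(f: Finding, today: date) -> int:
    """Days an open finding is past its SLA; 0 if fixed, in SLA, or untracked."""
    limit = SLA_DAYS.get(f.severity)
    if limit is None or f.fixed_on is not None:
        return 0
    return max(0, (today - f.first_seen).days - limit)  # day 7 of 7 is still in SLA

def sla_report(findings, today):
    """Return (breaches sorted worst first, breach rate per severity over open findings)."""
    open_count, breached, breaches = {}, {}, []
    for f in findings:
        if f.severity not in SLA_DAYS or f.fixed_on is not None:
            continue
        open_count[f.severity] = open_count.get(f.severity, 0) + 1
        over = days_overdue(f, today)
        if over:
            breached[f.severity] = breached.get(f.severity, 0) + 1
            breaches.append((f.name, f.owner, f.severity, over))
    breaches.sort(key=lambda b: b[3], reverse=True)
    rates = {s: breached.get(s, 0) / n for s, n in open_count.items()}
    return breaches, rates

# Constructed sample data, for illustration only.
TODAY = date(2024, 6, 30)
SAMPLE = [
    Finding("FINDING-A", "platform-team", "critical", date(2024, 6, 10)),
    Finding("FINDING-B", "platform-team", "critical", date(2024, 6, 23)),
    Finding("FINDING-C", "web-team", "critical", date(2024, 6, 1), date(2024, 6, 5)),
    Finding("FINDING-D", "db-team", "high", date(2024, 5, 15)),
    Finding("FINDING-E", "db-team", "high", date(2024, 6, 20)),
    Finding("FINDING-F", "web-team", "medium", date(2024, 1, 1)),
]

if __name__ == "__main__":
    for row in sla_report(SAMPLE, TODAY)[0]:
        print(row)
```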