Vulnerability Management System
An open-source, web-based Vulnerability Management System that centralizes security scanning, reduces alert fatigue, and improves vulnerability prioritization using AI-assisted analysis aligned with ISO 27001 practices.




Problem_Statement
Organizations often use multiple security scanning tools to check their systems. These tools generate a large number of vulnerability findings. Over time, this creates alert fatigue, where security teams feel overwhelmed and struggle to decide which vulnerabilities should be fixed first. In many cases, scans are done separately without a centralized system to track results, verify domain ownership, or monitor remediation progress. This makes vulnerability management inefficient and difficult to manage in a structured way.
Approach_&_Solution
The solution is a centralized web-based system that integrates multiple scanning engines, including a web application scanner, a network and port scanner, and an SSL configuration analyzer. All scan processes are automated and managed through a backend orchestration layer. Before a scan can be executed, the system requires domain ownership verification using methods such as DNS records, file validation, or meta tag validation to prevent unauthorized scanning. To address alert fatigue, the system uses the Google Gemini API to analyze scan results and assist in prioritizing vulnerabilities based on severity, risk impact, and recommended remediation steps.
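One way to implement the ownership gate described above, as an added example that is not the project's own code. The secret, the `vms-site-verification` name and the `evidence` dictionary are assumptions; the caller is assumed to have already fetched the TXT records, the verification file body and the home page HTML.

```python
import hashlib
import hmac
from html.parser import HTMLParser

SERVER_SECRET = b"constructed-demo-secret"  # assumption: per-deployment secret
META_NAME = "vms-site-verification"         # hypothetical TXT prefix / meta name

def expected_token(account_id, domain):
    """Token bound to one account and one domain, so it cannot be reused elsewhere."""
    msg = f"{account_id}|{domain.lower().rstrip('.')}".encode()
    return hmac.new(SERVER_SECRET, msg, hashlib.sha256).hexdigest()

def _match(candidate, token):
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    return hmac.compare_digest(candidate.strip().encode(), token.encode())

class _MetaFinder(HTMLParser):
    """Collects the content of every <meta name=META_NAME> tag."""
    def __init__(self):
        super().__init__()
        self.values = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "meta" and a.get("name") == META_NAME:
            self.values.append(a.get("content") or "")

def verify_dns(txt_records, token):
    prefix = META_NAME + "="
    return any(r.startswith(prefix) and _match(r[len(prefix):], token)
               for r in txt_records)

def verify_file(body, token):
    return _match(body, token)

def verify_meta(html, token):
    finder = _MetaFinder()
    finder.feed(html)
    return any(_match(v, token) for v in finder.values)

def may_scan(account_id, domain, evidence):
    """Allow a scan only if at least one verification method proves control."""
    token = expected_token(account_id, domain)
    checks = {"dns": verify_dns, "file": verify_file, "meta": verify_meta}
    return any(checks[m](data, token) for m, data in evidence.items() if m in checks)

if __name__ == "__main__":
    tok = expected_token("acct-1", "example.com")  # constructed sample values
    print(may_scan("acct-1", "example.com", {"dns": [f"{META_NAME}={tok}"]}))
```

Because the token is derived from both the account and the domain, a value published for one account does not authorize scans requested by another.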
Key_Features
- Web application vulnerability scanning
- Network and port scanning
- SSL and security configuration analysis
- Domain ownership verification using DNS, file, and meta tag validation
- AI-assisted vulnerability prioritization using Google Gemini
- Recurring scan scheduling with configurable intervals
- Asset management for tracking scanned domains
- Remediation history and resolution tracking
Challenges
- Synchronizing results from multiple scanning engines into one structured format
- Designing a secure and reliable domain ownership verification process
- Handling large volumes of vulnerability findings without affecting performance
- Reducing alert fatigue while maintaining accurate prioritization results
- Ensuring AI analysis produces clear and practical remediation guidance
Reflection_&_Learnings
“This project strengthened my understanding of real-world vulnerability management challenges, especially alert fatigue and risk prioritization. I gained experience in system architecture design, automation of security workflows, integration of multiple scanning engines, and implementing AI-assisted analysis to support better decision-making in cybersecurity operations.”