VulnTriage

VulnTriage is a web app (with an optional lightweight desktop agent) that turns noisy web vulnerability scan results into a fix-ready queue. Instead of running yet another scanner, it ingests outputs from common tools (ZAP, Burp exports, Nessus/Tenable, Qualys, Snyk, GitHub code scanning) and normalizes findings across apps, endpoints, and environments. It de-duplicates recurring issues, correlates them with asset context (internet-exposed, auth required, data sensitivity), and adds exploit-likelihood signals (known exploited CVEs, reachable paths, weak auth, WAF presence). The result is a prioritized remediation board with clear “what to do next” guidance, ticket creation, and evidence packs for audits. It also tracks rescan verification and prevents teams from gaming metrics by closing tickets without proof. The app combines traditional and AI components: traditional pipelines handle parsing and correlation, and AI handles summarization and fix guidance.
