Nº VulnVis By endpointX

Vulnerability management, visualised.

A vulnerability console for the people who actually have to act on it. Fewer widgets, more decisions.

Used in our own managed service before it was offered to anyone else. Available as an add-on to any managed-service engagement we run.

Nº 01 / 04 Live console · 1,847-seat estate

Numbers tick on a slow loop. The risk reticle moves. Toggle theme top-right.

Nº 02 / 04 What it does

Six things VulnVis was built to do.

CAPABILITY 01

Risk normalisation across heterogeneous estates.

A single environment-risk score, comparable across operating companies, sites, device types, and time. Aggregate ÷ devices × scale, rendered live in the console above.

32.6/100
Env. risk · medium band
CAPABILITY 02

Critical tracking against CISA KEV.

Every finding cross-referenced against the CISA Known Exploited Vulnerabilities catalogue. The match rate is updated live; KEV-listed criticals jump the queue.

41
CISA KEV matches · live
CAPABILITY 03

Vulnerability churn. The metric most don't measure.

New findings ÷ resolved findings, on rolling 7-day and 30-day windows. Below 1.0 means the funnel is shrinking. Above 1.0 means it isn't. We surface this as the headline metric for VM health.

0.88x
30-day churn · healthy
CAPABILITY 04

Time-to-resolve and age-of-open.

MTTR and average open-age, split between all findings and P1 only. Two pairs of numbers; everything you need to argue that the programme is fast, slow, or in regression.

9.4days
P1 MTTR · CE+ target < 14d
CAPABILITY 05

Top risk contributors: products, devices, CVEs.

A unified ranking that doesn't care whether the contributor is a product, a host, or a single CVE. Frequently surfaces the legacy installer that nobody had on a list.

142aggr.
Operating system · #1
CAPABILITY 06

Stakeholder-ready PDF reporting.

Same numbers, exported as a CISO-format PDF with the trend, the churn, the KEV match-rate, and the top contributors. Ready for the monthly board pack.

One-click export · CISO-format PDF
Nº 03 / 04 Under the hood

Tanium-native. Hosted where you need it.

VulnVis ingests Tanium Comply, Asset, and Patch data through a documented API surface. The risk model is published; no black box. Customers can host VulnVis themselves (on-prem, or in their own cloud tenancy) or have us host it for them in UK regions. Authentication is SSO-first; everything routes through a single audit log.

Nº 04 / 04 Real data, your estate

VulnVis is an add-on for managed-service customers.

The interactive console above is synthesised. The version against your real Tanium data is more useful, and (we'd argue) less flattering. Available as an optional add-on to any managed-service engagement: fixed-fee, no separate licence dance, deployed alongside the workstream you've already scoped.

Talk about a managed engagement