All Features
Vulnerability Management

Detect, track, and remediate vulnerabilities -- with SLA tracking and CSAF publishing

CVE tracking, Trustify sync, security advisories, and dashboard analytics in one platform

Article 14 of the Cyber Resilience Act requires manufacturers to actively handle vulnerabilities and inform users in a timely manner. Kunnus provides the complete workflow: from automatic CVE detection through SLA tracking to security advisories with CSAF publishing -- including a real-time dashboard with MTTA, MTTD, and MTTR metrics.

Trustify SyncData Source
CVSSScoring
SLA TrackingDeadlines
CSAFPublishing
app.kunnus.tech/vulnerabilities

Vulnerability Mgmt

12
Open
8
In Progress
47
Resolved (30d)
3
ENISA Reports
CVECVSSStatus
CVE-2024-0727
9.8
Patch Ready
CVE-2024-1234
7.5
In Analysis
CVE-2024-5678
6.1
Fix Deployed
CVE-2024-9012
4.3
Monitoring

Key Benefits

CVE Tracking & SLA Management

CVE list with CVSS score, severity badge, SLA status (On Track / At Risk / Breached), assignee, and discovered date. Fully live.

Sync with Trustify

One-click sync against the Trustify database. Shows SBOMs scanned and new vulnerabilities discovered. Automatic correlation with your portfolio.

Security Advisories & Disclosures

Create your own disclosures. External reporters can submit vulnerabilities via a shareable link. CSAF feeds are auto-ingested and tracked against SLA rules.

Security Dashboard Analytics

MTTA/MTTD/MTTR metrics, CVSS histogram, top-risk products, components, and vendors. Configurable time range for trend analysis.

Capabilities

CVE Detail & Response Timeline

CRA Art. 14

Full CVE information, affected components, status, assignment, and response timeline. Every step documented and traceable.

Own Vulnerability Reporting & Tracking

Art. 13(6)

Manually report and track internally discovered vulnerabilities. Manual CVE entry, SLA assignment, and full tracking.

Customer Notification via Email & CSAF

Partial

CSAF publishing is live. Automated email notification for critical and high CVEs is coming in the next minor release.

CSAF Feed Ingestion

CRA Art. 14

External CSAF feeds are auto-ingested and tracked against your SLA rules. Seamless integration into the existing vulnerability workflow.

Configurable Dashboard

Severity breakdown, SLA status, resolution metrics, and trend charts. Freely configurable time range for management reporting.

Use Cases

01

Proactive Vulnerability Management

A manufacturer syncs daily with Trustify, detects new CVEs automatically, and tracks remediation with SLA tracking -- from discovery to fix.

02

CSAF-Compliant Disclosure

Security advisories are published as CSAF documents and provided to external reporters via a shareable link -- fully CRA-compliant.

03

Management Reporting

The security dashboard shows MTTA, MTTD, and MTTR at a glance. Leadership gets reliable metrics for audits and compliance evidence.

Related Features

SBOM Management

Vulnerabilities are automatically correlated with SBOM components -- for seamless traceability.

Learn more

Compliance Assessment

Vulnerability management is one of the eight CRA requirements -- Kunnus tracks the status automatically.

Learn more

Reporting & Analytics

Detailed dashboards and audit trail for all vulnerability activities.

Learn more

Keep vulnerabilities under control

See how Kunnus automates CVE tracking, SLA management, and CSAF publishing. We'll walk you through the workflow in a personalized demo.

View Walkthrough