# ThreatVault

### **What is ThreatVault?**

**ThreatVault** is a next-generation, open-source Unified Vulnerability & Compliance Management Platform built for **security engineers, DevSecOps teams, and security management**. It centralizes vulnerability and compliance data from multiple tools into a single, intelligent dashboard—making it easier to track, manage, and remediate security findings.

Built with **FastAPI (Python)** and **PostgreSQL**, ThreatVault transforms raw scan data into **actionable insights** using smart deduplication, AI-powered explanations, and SLA tracking.

***

### **Why ThreatVault?**

In modern DevSecOps workflows, security teams often juggle multiple tools like **Nessus, OpenVAS, OWASP ZAP, Trivy**, and more. Each tool generates its own reports, making it hard to get a unified view of your security posture.

**ThreatVault solves this by:**

* Centralizing all scan results into **one dashboard**
* Automatically tracking **new vs. closed findings**
* Enforcing **SLA timelines** based on severity
* Supporting **custom integrations** via plugins
* Providing **AI-powered explanations** for non-technical stakeholders
* Offering **role-based access control** for secure collaboration

***

### **Key Features**

| **Feature**              | **Description**                                                                                                                         |
| ------------------------ | --------------------------------------------------------------------------------------------------------------------------------------- |
| **Unified Dashboard**    | Get a centralized view of all vulnerability and compliance findings from multiple tools in one place                                    |
| **VAPT Dashboard**       | Create projects (e.g., monthly scans), upload scan results, and track findings over time                                                |
| **Compliance Dashboard** | Centralize compliance findings from tools like Nessus, AWS Security Hub, and more                                                       |
| **Management Dashboard** | Gain high-level visibility into vulnerability and compliance projects for informed decision-making, escalation, and management action   |
| **Owner Dashboard**      | Owners can view only the projects and products they are responsible for, enabling focused remediation efforts                           |
| **SLA Management**       | Track remediation deadlines based on severity and configured SLA rules to ensure timely action                                          |
| **AI Integration**       | Use OpenAI to generate plain-language explanations of vulnerabilities for better understanding across technical and non-technical teams |
| **Multi-Tool Support**   | Native support for popular tools like Nessus, OpenVAS, OWASP ZAP, and Trivy                                                             |
| **Plugin Architecture**  | Extend functionality by writing custom plugins to integrate any unsupported tool                                                        |
| **DevSecOps Ready**      | Designed for seamless integration into CI/CD pipelines and modern development workflows                                                 |
| **Multi-User Roles**     | Support for Admin, ITSE, Management, Owner, and Audit roles with granular access control for secure collaboration                       |

***

### **User Roles & Access Control**

ThreatVault supports **role-based access control (RBAC)** to ensure secure and efficient collaboration:

| Role           | Permissions                                                     |
| -------------- | --------------------------------------------------------------- |
| **Admin**      | Full access to all modules, users, and settings                 |
| **ITSE**       | Approve user access, assign roles, and upload scan results      |
| **Management** | Read-only access to all products and dashboards                 |
| **Owner**      | View and manage only assigned projects and products             |
| **Audit**      | (Under development) Designed for compliance and audit workflows |

***

### **How It Works**

1. **Upload Scan Results**
   * Upload findings from tools like Nessus, Trivy, or ZAP into a project
   * ThreatVault automatically checks for duplicates and categorizes findings as **new** or **closed**
2. **Track SLAs**
   * SLA timers start based on severity and admin-defined rules
   * Track progress and ensure timely remediation
3. **View Dashboards**
   * Use the **VAPT Dashboard** for vulnerability tracking
   * Use the **Compliance Dashboard** for regulatory findings
   * Use the **Management Dashboard** for high-level oversight
4. **Collaborate Securely**
   * Assign roles and project access
   * Use AI explanations to communicate findings to non-technical teams
5. **Extend with Plugins**
   * If your tool isn’t supported, write a plugin to integrate it
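As an added illustration of steps 1 and 2 above (this is example code written for this page, not ThreatVault's own implementation; the fingerprint fields, the `SLA_DAYS` table and every function name are assumptions), the block below reconciles two uploads of the same project, labels each finding as new, open or closed, collapses duplicates within a single upload, and computes a severity-based SLA deadline:

```python
"""Added example: deduplicating findings across uploads and tracking SLAs.
Not ThreatVault's code. The dedup key, SLA values and names are assumptions."""
from dataclasses import dataclass
from datetime import datetime, timedelta
import hashlib

# Assumed admin-defined SLA rules: days allowed to remediate, per severity.
SLA_DAYS = {"critical": 7, "high": 30, "medium": 90, "low": 180}


@dataclass(frozen=True)
class Finding:
    tool: str       # scanner that produced the finding, e.g. "nessus"
    host: str       # asset identifier (hostname, IP or image name)
    port: int       # 0 when the finding is not port-bound
    title: str      # scanner's finding title
    severity: str   # critical / high / medium / low


def fingerprint(f: Finding) -> str:
    """Stable identity of a finding across uploads.
    Case and whitespace are normalized so trivial rewording does not
    produce a 'new' finding; tool, host and port keep distinct assets apart."""
    raw = "|".join([
        f.tool.strip().lower(),
        f.host.strip().lower(),
        str(f.port),
        " ".join(f.title.lower().split()),
    ])
    return hashlib.sha256(raw.encode("utf-8")).hexdigest()


def reconcile(previous: list, current: list) -> dict:
    """Compare the last upload with the new one.
    Building dicts keyed by fingerprint also removes duplicates inside one upload."""
    prev = {fingerprint(f): f for f in previous}
    cur = {fingerprint(f): f for f in current}
    return {
        "new": [cur[k] for k in cur if k not in prev],      # seen now, not before
        "open": [cur[k] for k in cur if k in prev],         # seen in both uploads
        "closed": [prev[k] for k in prev if k not in cur],  # gone from the new scan
    }


def sla_deadline(f: Finding, first_seen: datetime, rules: dict = SLA_DAYS) -> datetime:
    """Deadline = first time the finding was seen + days allowed for its severity.
    Unknown severities are rejected rather than silently given no SLA."""
    days = rules.get(f.severity.strip().lower())
    if days is None:
        raise ValueError(f"no SLA rule for severity {f.severity!r}")
    return first_seen + timedelta(days=days)


def sla_status(deadline: datetime, now: datetime) -> str:
    """'breached' once the deadline has passed, otherwise 'within_sla'."""
    return "breached" if now > deadline else "within_sla"


# Constructed sample data (not real scan output).
PREVIOUS_UPLOAD = [
    Finding("nessus", "10.0.0.5", 443, "SSL medium strength cipher suites supported", "high"),
    Finding("nessus", "10.0.0.5", 22, "Outdated SSH server version", "medium"),
]
CURRENT_UPLOAD = [
    # same finding as before, only capitalization/spacing differs -> still "open"
    Finding("Nessus", "10.0.0.5", 443, "SSL Medium Strength  Cipher Suites Supported", "high"),
    # exact duplicate inside the same upload -> collapsed, counted once
    Finding("nessus", "10.0.0.5", 443, "SSL medium strength cipher suites supported", "high"),
    # first time seen -> "new"
    Finding("trivy", "app-image:1.2", 0, "Placeholder vulnerable package in app image", "critical"),
]


if __name__ == "__main__":
    result = reconcile(PREVIOUS_UPLOAD, CURRENT_UPLOAD)
    first_seen = datetime(2025, 1, 1)
    for state, findings in result.items():
        for f in findings:
            deadline = sla_deadline(f, first_seen)
            print(state, f.tool, f.host, f.port, f.severity,
                  deadline.date(), sla_status(deadline, datetime(2025, 1, 9)))
```

The fingerprint deliberately excludes the severity: a scanner re-rating an existing finding should update it, not create a new one and close the old. Whether host and port belong in the key depends on how you want container findings (no port) and rescans of the same asset to be counted, so treat that choice as the first thing to adjust for your own data.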

***

### **Tech Stack**

#### **Backend**

* **FastAPI** – High-performance Python web framework
* **PostgreSQL 17.0** – Reliable relational database
* **SQLAlchemy (async ORM)** – For efficient database interactions
* **Alembic** – For database migrations
* **Polars & Pandas** – For fast data processing
* **JWT + OAuth2** – Secure authentication
* **CORS & Session Middleware** – For secure API and session handling

#### **Frontend**

* **Server-side HTML templates**
* **Bootstrap** – Responsive UI design
* **HTMX 2.0.4** – Dynamic UI updates with SSE
* **jQuery** – DOM manipulation
* **DataTables** – Interactive data tables
* **ApexCharts** – Visualizations
* **SweetAlert2** – Beautiful alerts
* **Choices.js** – Enhanced select inputs

#### **Infrastructure & Deployment**

* **Docker** – Containerization
* **Docker Compose** – Orchestration
* **Automatic DB Initialization & Scheduler** – On startup

#### **Architecture**

* Layered design: `presentation`, `application`, `domain`, `persistence`
* Static assets served from `/assets` endpoint

***

### **Contribute to ThreatVault**

ThreatVault is **open source** and welcomes contributions from the community!

#### **Ways to Contribute:**

* Add support for new security tools
* Improve AI explanations
* Enhance dashboards and visualizations
* Fix bugs and improve documentation
* Help develop the **Audit role** and **compliance workflows**

#### **Join Us**

* Visit: <https://threatvault.io>
* GitHub: [github.com/threatvault](https://github.com/threatvault)
* Community: Join our Discord or Slack (coming soon)

### Jump right in

* **Quickstart** – Quick Start with Docker 🐳: [running-threatvault-with-docker](getting-started/running-threatvault-with-docker)
* **Dashboard** – How does it work? [quickstart](getting-started/quickstart)
