Framework built using python that collates vulnerability data along with log data to signal threat levels for hosts across large networks.
To successfully run the analysis, fill the API details in the config file or alternatively provide flat files with vulnerability data, port scans, connection logs and subnet information for all hosts. If using splunk or another SIEM, change query in config to match.