Vulnerability Management · Security Leadership

Security leadership, built on automation.

Hi, I'm Joe. I lead a vulnerability management team across a multi-company enterprise, and I'm happiest when I'm still close to the work, building the tools that make it run. Most of what's here started as something my team needed. Twenty years across security, cloud, and infrastructure, and still learning every week.

Joe Cook
Joe Cook
20+
Years in IT
7
Engineers led
Multi-company
Managed services
AI-driven
Security operations
01

Open-source work

vm-ops-consoleFlagship My flagship: a browser-local vulnerability-management operations console that unifies everything below into one app — CVE intelligence, a findings workbench, a Tenable VM dashboard, and an AD-vs-agent coverage reconciler — under one nav, one theme, and a natural-language Ask AI box. A daily Morning Report leads with what's newly exploitable (and rolls up the weekend on Mondays). Scan data, findings, and keys never leave your browser; no backend, no build step. cve-explorerFlagship A modern front end over the CVE corpus that leads with prioritization, not just CVSS: ask in plain English, get a morning briefing on what's newly exploitable, and open any CVE for a verdict drawn from a dozen-plus public sources (EPSS, CISA KEV, NIST LEV, CISA SSVC, Red Hat, Ubuntu, exploit feeds…). Plus a 100% client-side Tenable export analyzer — no backend, no build step. tenable-vm-dashboardFlagship A 100% browser-local dashboard for Tenable Security Center exports: drop in your cumulative and mitigated vulnerability details and get SLA-driven KPIs, segment and OS breakdowns, and most-exposed hosts — the data never leaves your browser. Single static page, works offline. agent-coverage-dashboardFlagship A 100% browser-local dashboard that reconciles Active Directory against your Tenable, ManageEngine and CrowdStrike agents to find coverage gaps, stale agents, and orphans — per machine, with AD-aware filters for real systems and recent logons. The data never leaves your browser. agent-supply-chain-scannerAI SAST for AI agent instructions: detects prompt injection and malicious instructions in skills, MCP servers, hooks, and prompts. Zero-dependency Python CLI with JSON/SARIF output, plus a client-side browser playground. cve-remediation-agentAI A Claude tool-use agent that triages a CVE against NVD, EPSS, and CISA KEV, then drafts a detect/fix/validate/rollback remediation playbook for review. cve-patch-lookup Enter a CVE and instantly see its severity, exploitation likelihood, KEV status, and the patches and fixed versions that address it. Static, free, no backend. remediation-playbooks Remediation scripts and runbooks: detect, fix, validate, rollback. One folder per finding, with a CVE-to-PowerShell remediation catalog. security-plus-prep Free, browser-based CompTIA Security+ (SY0-701) exam prep: 150+ original practice questions with explanations, flashcards, domain drills, and progress tracking. Zero-dependency static app. vuln-prioritization-toolkit Enriches CVEs with EPSS, CISA KEV, and NIST LEV scores to build a data-driven remediation queue. vm-prompt-libraryAI A practitioner's prompt library for vulnerability management: structured, model-agnostic prompts for triage, communication, remediation, risk acceptance, and reporting. patch-tuesday-analyzer Turns the MSRC API into an instant Patch Tuesday triage briefing. Zero-days first, noise last. pytenable-automation-examples Production patterns for Tenable automation: agent health, streaming exports, SLA reporting. kev-watch Daily CISA KEV diff alerter. New confirmed-exploited CVEs, straight to your security channel. vm-metrics-dashboard ETL and Power BI starter kit for the KPIs that run a vulnerability management program.
02

Writing

The missing link in vulnerability prioritization? Meet NIST's new LEV metric Article Monthly Patch Tuesday triage briefings Ongoing series Establishing meaningful KPIs and KRIs for vulnerability management Series
03

Toolbox

Vulnerability management
Tenable, ManageEngine, ServiceNow, SCCM, EPSS, CISA KEV, NIST LEV, patch management, SLA and KPI reporting, SOAR
Automation & scripting
PowerShell, Python, Pandas, REST APIs, Terraform, Ansible
Data & reporting
Power BI, SQL, Power Query, KPI and KRI design, ETL
Platforms & infrastructure
Active Directory, Microsoft Azure, VMware, Windows Server, Linux, Hyper-V
04

Certifications & training

VMware: Sales & Technical Sales Professional
EMC: Storage Specialist · Avamar Backup Specialist
Cisco: CCNA / CCNP, Network Academy