Insurance

Enterprise Vulnerability Analytics & Security Posture Platform

Confidential
Multi-month Engagement
5 Team Members

The Challenge

The organization’s vulnerability landscape is fragmented across Qualys, Prisma Cloud, and Wiz, with no unified or correlated view. Critical ownership metadata—such as system owners, mapped applications, and responsible teams—is missing, resulting in unclear accountability. Additionally, vulnerability data is not linked with the ServiceNow CMDB or internal system and user inventory files, preventing accurate asset correlation. These gaps force teams to rely on manual processes, which significantly slow down patching cycles. Without a single consolidated dashboard for prioritization and SLA tracking, addressing vulnerabilities becomes reactive, inefficient, and difficult to govern.

Our Solution

- Centralized vulnerability analytics and enrichment platform.
- MongoDB as raw data lake.
- Automated extraction of enriched raw data from MongoDB into PostgreSQL on Amazon RDS.
- Python transformation and enrichment scripts.
- Enrichment with:
  * ServiceNow CMDB
  * Internal system and user metadata files
  * Ownership & team mapping logic
- Self-hosted EC2 servers running heavy Python tasks.
- Dockerized workloads stored in Harbor Registry.
- GitHub Actions pipelines for automation and deployment.
- Unified vulnerability scoring model combining scanner severity, CVSS, and asset criticality.
- PowerBI dashboard for centralized monitoring of vulnerability data.

Technologies Used

MongoDB
Amazon RDS (PostgreSQL)
Python
Amazon EC2
Docker
Harbor Registry
GitHub Actions
Qualys
Prisma Cloud
Wiz
ServiceNow CMDB
PowerBI
Internal Metadata Sources

Results & Impact

- Centralized scanner data across all environments.
- Automated ingestion, transformation, and enrichment workflows.
- Accurate ownership mapping for remediation.
- Improved patching prioritization with enriched business metadata.
- 50–60% reduction in manual processing.
- Faster time-to-remediation with SLA visibility.
- Audit-ready, standardized vulnerability data.